Opportunity Details

Posted: 13/05/2019

Chief Information Security Officer (CISO)

Location
United Kingdom, London Bishopsgate
Schedule Type
Full Time
Reference
SHAW01057
Job Family
Corporate Functions
The Role

As Shawbrook continues to grow, we are looking for a Chief Information Security Officer to join our team based in London. You will guide the IT & Information Security strategy and its implementation, whilst protecting the business from security threats and cyber-attacks. Operational security compliance with all appropriate standards (e.g. ISO27001) and applicable regulations (e.g. PRA, FCA, ICO, etc.) is the responsibility of the CISO. This is a senior role and will commonly involve instructing a team and taking a seat on various organisational forums and committees.

Responsibilities

Key responsibilities include the following:

  • Creating and implementing the strategies and the deployment of Information and IT security technologies, policies, standards and procedures
  • Overseeing the management of the Information Security department, giving guidance to the team and developing staff
  • Devising and constantly updating strategies as appropriate to maintain security posture within business risk appetite, leveraging adequate resources encompassing people, process and technology.
  • Managing the IT security budget and communicating this with the appropriate parties
  • Developing strategies to handle security incidents and trigger investigations, overseeing investigations of reported security breaches
  • Complying with the latest regulations and compliance requirements
  • Ensuring that security-related disaster recovery and business continuity plans are in place and tested
  • Communicating best practices and risks to all parts of the business
  • Maintaining an up-to-date understanding of the threat landscape for the industry the business operates in
  • Reviewing and approving security policies, controls and cyber incident response planning
  • Setting the strategy and overseeing delivery of comprehensive reporting
  • Establishing and maintaining the enterprise vision, strategy, and programmes to ensure information assets and technologies are adequately protected

The Person

Suitable candidates will have the following experience:

Qualifications/Certification

  • Degree in an IT related discipline desirable
  • CISSP, CISM or CISA Certification needed
  • Cloud Security certification e.g. CCSP desirable
  • Project Management, e.g. PRINCE2 desirable

     

Experience

  • Professional experience in Information Security
  • Previous experience of leading and developing information security teams
  • Experience working in a financial services / regulated environment
  • Industry and regulatory awareness across multiple jurisdictions
  • Understanding of systems and their interactions, limitations and security risks.
  • Generation of business cases to back projects
  • Experience working within a medium sized technology department (100+)

     

Technical

  • Data Security
  • Malware Protection
  • Network Security
  • Cloud Security
  • Endpoint Security
  • Identity & Access Management
  • Security Monitoring
  • Vulnerability Management
  • Incident Response
  • Hands-on experience in several of the above domains with good operational knowledge of the rest
  • Knowledge of developing multi layered defensive controls aligned to organisational threat profile
  • Ability to develop strategies and plans to treat identified risks and remediate audit findings

 

Interpersonal

  • Ability to prioritise work to meet SLAs with the organisation
  • Plan and coordinate the use of resources and facilities
  • Adaptability – Adapting to changes in technology and threats quickly
  • Excellent negotiating and influencing skills
  • Well-developed leadership skills combined with entrepreneurial spirit
  • Excellent problem solving and decision-making skills
  • Excellent communication skills both written and verbal
  • Ability to work as part of a team
  • High work ethic, energy and personal commitment to success
  • Accuracy & attention to detail
  • Establishes effective working relationships at all levels
  • Customer-attentive approach and willing to champion the business
  • Good awareness of own strengths, weaknesses, and future aspirations
  • Presents a professional, business-like and credible image

Banding

This role is an SB1 within Shawbrook’s internal banding structure.