Head of Information Security

We are looking to hire a proficient and knowledgeable Head of Information Security who will oversee the creation, execution, and upkeep of the company's information security efforts. This position entails monitoring the pathways through which information enters and exits the organization's information network, scrutinizing all activities occurring across the network, and managing the infrastructure that underpins these activities. Additionally, the role includes applying necessary software updates and maintaining computer hardware systems.

Core Responsibilities

- Spearhead the creation of information security governance documents.

- Secure management endorsement for security policies, standards, and procedures by effectively communicating their advantages and related costs.

- Formulate and execute a thorough cybersecurity strategy that aligns with the organization's objectives and goals.

- Supervise the implementation of cybersecurity programs, projects, and initiatives from start to finish, ensuring adherence to timelines, budgets, and quality benchmarks.

- Collaborate with the group cybersecurity team, regulatory bodies, and auditors as needed.

- Manage relationships with vendors by assessing, selecting, and supervising third-party vendors and service providers to ensure they fulfill information security requirements.

- Identify and procure the most suitable cybersecurity tools and solutions for the organization.

- Develop and oversee the cybersecurity budget, effectively allocating resources to support initiatives and projects.

- Conduct audits to pinpoint areas within business practices that need attention from a cybersecurity standpoint.

- Establish standardized methods for performing security tests in line with organizational security requirements.

- Implement review processes based on the organization's security risk management strategy.

Regularly assess the effectiveness of incident response plans in relation to industry best practices and make updates as necessary.

- Recognize potential threats and risks that pertain to the organization's operations and systems.

- Record information concerning cybersecurity incidents, threats, risks, and controls.

- Evaluate the effectiveness of action plans aimed at mitigating information security risks.

- Create performance reports on information security derived from the analysis and correlation of security events.

- Classify and prioritize potential security incidents for suitable responses.

- Suggest improvements to enhance overall information security performance.

- Examine business and security environments to pinpoint existing requirements and possible gaps.

- Consistently review security policies, standards, and procedures, taking into account identified threats and gathered information.

- Periodically test incident response plans to confirm response times and adherence to procedures.

- Set up key performance indicators (KPIs) and metrics to evaluate the effectiveness of cybersecurity initiatives.

- Generate regular reports and presentations for senior management and stakeholders.

Qualification Requirements

- At least 7 years of project management experience, demonstrating a successful history of delivering projects on schedule, within budget, and to high standards.

- Comprehensive knowledge of project management methodologies, frameworks, and tools (e.g., PMBOK, Agile, Scrum, Kanban, Microsoft Project, Jira).

- Exceptional leadership, communication, and interpersonal skills, with the ability to effectively lead and inspire cross-functional teams within a matrix organization.

- Strong analytical and problem-solving skills, with the ability to foresee risks, identify issues, and devise practical solutions.

- Awareness of industry-specific regulations, standards, and best practices.