Director of Information Security

Director of Information Security

Application Deadline: 24 April 2024

Department: Security

Employment Type: Full Time

Location: London

Compensation: £140,000 - £150,000 / year

Description

In May 2023 Reward Gateway was acquired by Edenred. Edenred is a leading digital platform for services and payments for people at work, connecting 52 million users and 2 million partner merchants in 45 countries via close to 1 million corporate clients.
With our shared missions of ‘Making the World a Better Place to Work” and ‘Enriching connections, For good’, you’ll be contributing to improving employee engagement and building better, stronger and more resilient organisations to improve people’s daily lives. Our shared mission guides our every action and charts a sustainable path to a better future.

An opportunity has become available for an experienced leader to join Reward Gateway as a Director of Information Security. 

In this role, you will lead all aspects of cyber and information security, compliance, and business continuity planning.

You will develop the IT security strategy and guide its implementation, enabling the business to achieve its goals at pace, whilst safeguarding the business from real-world security risks and handling regulatory compliance. You will provide both technical leadership and champion security across the business, to support the protection of Reward Gateway from threats.

This is a senior role leading the future of security for a software-as-a-service company. You will need to delight your customers across business units by fulfilling their needs. You must also “own it” and ensure to practically help the team achieve continued compliance with ISO, SOC2, and other frameworks, projects, and metrics. You will push the boundaries and make Reward Gateway’s security world-class with our customers’ data well protected. 

Core Duties Include:

• Develop the vision and strategy for security that enables and facilitates the business objectives.
• Develop and maintain a unified and flexible control framework, working to integrate the requirements of global laws, standards, and regulations.
• Provide security perspectives and focus on business and technology partnerships to build security into new initiatives.
• Manage the information security budget.
• Partner with IT, software development, and engineering teams to ensure the consistent application of controls across all technology projects, systems, and services.
• Report on the external threat environment for emerging threats, and partner with relevant teams to take appropriate courses of action.
• Be responsible for disaster recovery policies aligned with the business continuity management (BCM) program goals.
• Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in a risk event; provide direction, support, and in-house consulting in these areas.
• Implement processes and tools to prioritise and remediate risks and vulnerabilities across Reward Gateway’s services.
• Provide regular reporting on the current status of risks to the Leadership Team and Group Security functions.
• Ensure appropriate metrics and objectives are set for, and met by, the team.
• Implement secure-by-design principles to ensure the production of secure products.
• Provide line management and mentorship to team members.
• Develop a positive security culture and strong awareness culture throughout the organisation.

Qualifications, experience and skills required:

• A relevant qualification in Computer Science/Information Security/Cyber Security or related.
• 5+ years experience in a senior leadership or director role leading InfoSec teams.
• Experience in leading information security functions in a scale-up SaaS business with demonstrable results.
• Experience with risk frameworks, including risk appetite assessment, and risk analysis within the context of business, and technology problems.
• Familiarity with compliance frameworks and regulatory requirements including - NIST, ISO 27001, ISO 22301, Cyber Essentials, PCI Compliance, and SOC2 requirements.
• Excellent written and verbal communication, facilitation, leadership, delegation, and presentation skills, including the ability to communicate concepts to technical and non-technical audiences at various levels ranging from Leadership Team members to Technical Specialists.
• Ability to lead and empower global, interdisciplinary teams to achieve tactical and strategic goals.
• High level of personal integrity, as well as the ability to handle confidential matters professionally.
• Flexibility and ability to multitask in a fast-paced and rapidly growing business.

The Interview Process.

• A 45-minute online interview with the Senior Talent Partner
• Online interview with the current Director of InfoSec and Director of Product Strategy
• In-person interview with the CTO and Director of Engineering

Be comfortable. Be you. At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.
We hire BETTER.  From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateways approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.