Director of Information Security
London
Full Time Executive-level / Director GBP 140K - 150K
Reward Gateway
Boost engagement by simplifying and uniting employee recognition, rewards, communications and more in one easy-to-use employee engagement platform.Application Deadline: 24 April 2024
Department: Security
Employment Type: Full Time
Location: London
Compensation: £140,000 - £150,000 / year
Description
In May 2023 Reward Gateway was acquired by Edenred. Edenred is a leading digital platform for services and payments for people at work, connecting 52 million users and 2 million partner merchants in 45 countries via close to 1 million corporate clients.With our shared missions of ‘Making the World a Better Place to Work” and ‘Enriching connections, For good’, you’ll be contributing to improving employee engagement and building better, stronger and more resilient organisations to improve people’s daily lives. Our shared mission guides our every action and charts a sustainable path to a better future.
An opportunity has become available for an experienced leader to join Reward Gateway as a Director of Information Security.
In this role, you will lead all aspects of cyber and information security, compliance, and business continuity planning.
You will develop the IT security strategy and guide its implementation, enabling the business to achieve its goals at pace, whilst safeguarding the business from real-world security risks and handling regulatory compliance. You will provide both technical leadership and champion security across the business, to support the protection of Reward Gateway from threats.
This is a senior role leading the future of security for a software-as-a-service company. You will need to delight your customers across business units by fulfilling their needs. You must also “own it” and ensure to practically help the team achieve continued compliance with ISO, SOC2, and other frameworks, projects, and metrics. You will push the boundaries and make Reward Gateway’s security world-class with our customers’ data well protected.
Core Duties Include:
- Develop the vision and strategy for security that enables and facilitates the business objectives.
- Develop and maintain a unified and flexible control framework, working to integrate the requirements of global laws, standards, and regulations.
- Provide security perspectives and focus on business and technology partnerships to build security into new initiatives.
- Manage the information security budget.
- Partner with IT, software development, and engineering teams to ensure the consistent application of controls across all technology projects, systems, and services.
- Report on the external threat environment for emerging threats, and partner with relevant teams to take appropriate courses of action.
- Be responsible for disaster recovery policies aligned with the business continuity management (BCM) program goals.
- Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in a risk event; provide direction, support, and in-house consulting in these areas.
- Implement processes and tools to prioritise and remediate risks and vulnerabilities across Reward Gateway’s services.
- Provide regular reporting on the current status of risks to the Leadership Team and Group Security functions.
- Ensure appropriate metrics and objectives are set for, and met by, the team.
- Implement secure-by-design principles to ensure the production of secure products.
- Provide line management and mentorship to team members.
- Develop a positive security culture and strong awareness culture throughout the organisation.
Qualifications, experience and skills required:
- A relevant qualification in Computer Science/Information Security/Cyber Security or related.
- 5+ years experience in a senior leadership or director role leading InfoSec teams.
- Experience in leading information security functions in a scale-up SaaS business with demonstrable results.
- Experience with risk frameworks, including risk appetite assessment, and risk analysis within the context of business, and technology problems.
- Familiarity with compliance frameworks and regulatory requirements including - NIST, ISO 27001, ISO 22301, Cyber Essentials, PCI Compliance, and SOC2 requirements.
- Excellent written and verbal communication, facilitation, leadership, delegation, and presentation skills, including the ability to communicate concepts to technical and non-technical audiences at various levels ranging from Leadership Team members to Technical Specialists.
- Ability to lead and empower global, interdisciplinary teams to achieve tactical and strategic goals.
- High level of personal integrity, as well as the ability to handle confidential matters professionally.
- Flexibility and ability to multitask in a fast-paced and rapidly growing business.
The Interview Process.
- A 45-minute online interview with the Senior Talent Partner
- Online interview with the current Director of InfoSec and Director of Product Strategy
- In-person interview with the CTO and Director of Engineering
Be comfortable. Be you. At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.
We hire BETTER. From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateways approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.
Tags: Compliance Computer Science ISO 22301 ISO 27001 NIST Risk analysis SaaS Security strategy SOC 2 Strategy Vulnerabilities
Perks/benefits: Career development Flex hours Flex vacation Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs