Information Security Lead

The Role

As Teneo's Information Security Lead you will be responsible for implementing and running the Firm’s information security program with the Global Head of Technology. That will involve identifying, evaluating, and reporting on legal and regulatory IT, and cybersecurity risk to information assets, while supporting and advancing technology and business objectives.

As Information Security Lead, you'll have sound knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem. You'll be responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected in the digital ecosystem in which we operate.

A key element of role is working with the Global Head of Technology to determine acceptable levels of risk for the organization. You'll work with the Global Head of Technology and the Firm’s leadership to implement practices that meet agreed-on policies and standards for information security. You should also understand and articulate the impact of cybersecurity on the business and be able to communicate this to the Global Head of Technology.

On top of this, you'll be hands-on, working on daily operational activities, as well as managing projects in the security portfolio and should have a track record of competency in the field of information security.

We are particularly interested to hear from you if you're;

• Currently a Junior Security Lead that is ready to move into a lead role (future CISO)
• Has experience with regulations and governance
• Have a finance or legal background

Key Responsibilities

Establish Governance and Build Knowledge

• Provides regular reporting on the current status of the information security program to the Global Head of Technology and Firm leadership.

• Develops, socializes, and coordinates approval and implementation of security policies.

• Works to ensure that information security requirements are included in contracts by liaising with legal during vendor management.

• Directs the creation of a targeted information security awareness training program for all employees, contractors, and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences

• Works to ensure the consistent application of policies and standards across all technology projects, systems, and services, including privacy, risk management, compliance, and business continuity management

Lead and the Operate the Function

• Leads the information security function across the Firm to ensure consistent and high-quality information security management in support of the Firm’s goals
• Manages the budget for the information security function, projects, and monitoring.
• Develops, implements, and monitors a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information assets owned, controlled, or/and processed by the Firm.
• Develops and enhances an up-to-date information security management framework based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors, and other relevant parties to address common trends, findings, incidents, and cybersecurity risks
• Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices, and guidelines
• Manages and contains information security incidents and events to protect corporate IT assets, intellectual property, regulated data, and the Firm's reputation
• Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action
• Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support, and in-house consulting in these areas
• Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem

Key Skills & Experience

• Demonstrated experience and success in manager role in risk management, information security, and IT security

• Degree in business administration or a technology-related field, or equivalent work- or education-related experience

• Ideally experience will range between 5-10 years' within this field

• Knowledge of common information security management frameworks, such as SOC2 Type 1/ISAE3000, ISO/IEC 27001, as well as those from NIST and Cyber Essentials Plus.

• Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies

• Up-to-date knowledge of methodologies and trends in both business and IT

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various levels.

• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives

• Poise and ability to act calmly and competently in high-pressure, high-stress situations

• Strong problem-solving and trouble-shooting skills

• Self-motivated and possessing of a high sense of urgency and personal integrity

Ideally you'll also have;

• Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM)

• Experience successfully executing audit programs that meet the objectives of excellence in a dynamic business environment. Whether through client or regulation needs such as FCA or SEC compliance.

What can we offer you?

New joiners are supported by a week-long induction programme, and continuous improvement is achieved through a structured and tailored programme that suits your career development.

As well as this we offer a whole host of benefits and reward including.

• Competitive Salary

• 25 days holiday

• Discretionary Bonus Scheme

• Pension Scheme

• Extensive investment in personal development & learning

• Enhanced maternity and paternity leave (depending on length of service) and shared parental leave

• Private medical insurance

• Group Income protection

• Life assurance

• Cycle to work schemes

• Regular social, cultural and charitable activities

About Teneo

Teneo advises business leaders, enabling them to achieve goals faster and at lower cost by earning trust, navigating disruption and removing barriers. We are built to help businesses succeed in a world no longer defined by boundaries and disciplines. Working exclusively with the CEOs and senior executives of the world’s leading companies, Teneo provides strategic counsel across their full range of key objectives and issues.

Our clients include a significant number of the FTSE 100 and Fortune 100, as well as other global public and private corporations.

We’re an ambitious, global consultancy which allows candidates unmatched opportunities to develop and work with inspiring, motivated people. Our teams bring together the disciplines of strategic communications, investor relations, restructuring, management consulting, physical & cyber risk, financial advisory, corporate governance advisory, ESG,  DE&I, political & policy risk, and talent advisory, to solve for the most complex business challenges and opportunities. We aim to make companies and institutions stronger and more valuable. We are capable of advising at the most senior levels across the world’s leading businesses and organisations and we’re proud to work with some of the strongest brands in the world.

Across the globe, Teneo employs more than 1,200 people, offering global reach from a light infrastructure, built out of regional hubs.

Our culture is critical to our success. We have a flat management structure with an open and supportive office atmosphere. To support progression and learning, we foster a supportive environment with a focus on mental health and wellbeing as well as adopting an inclusive environment that allows all employees to flourish.  We recognise that diversity is essential for our business and encourage applicants from all backgrounds.

At Teneo, we have fully embraced hybrid working and redefined the way we work such that it facilitates collaboration, optimises productivity and promotes the health and wellbeing of our people. We are also happy to discuss other forms of flexible working so please let us know if this is something you would like to discuss.