Information Security Lead

Leeds, England, United Kingdom - Remote

Applications have closed

AND Digital

Partner with us to build apps, APIs, websites, cloud and data platforms. Bridge your Digital Skills Gap with the help of our experts.

Overview

As our Information Security Lead, you are responsible for developing and implementing a company-wide Security Strategy and Roadmap, including hands-on development and implementation of security technologies, policies and processes. The role will also provide security expertise to the business and IT by establishing trusted relationships through active engagement and collaboration.

Role Outline

  • Lead the development and implementation of the Security Strategy and Roadmap which includes coordinating closely with appropriate stakeholders throughout the business to implement key initiatives.

  • Perform technical security assessments across the business, identify and prioritise security issues, and work with the key stakeholders to develop remedial actions for non-compliance areas.

  • Evaluate alerts from security tools to determine the impact of security issues on company deployed solutions and help to formulate action plans for remediation.

  • Respond to (and if needed, manage) security incidents as they arise which includes coordinating with the appropriate stakeholders across the business to contain and eradicate the security issue. 

  • Develop security policies and standards and ensure they are communicated and adhered to across the business.

  • Build and develop long term relationships with various business stakeholders which includes regular updates to the Cyber Security Committee.

  • Work with internal teams and stakeholders on the adoption and implementation of ISO 27001.

  • Support client pre-sales and regular security diligence processes on our policies and security stance.

Requirements

Skills / Experience

  • 8 to 10+ years of cyber / information security experience in a mix of industry and consulting work.

  • Experience achieving standards and certifications such as ISO27001, ISO22301, and Cyber Essentials Plus.

  • Good understanding and experience leveraging a cyber security controls framework such as NIST.

  • Application security / development background and proven experience working with developers including implementing various security controls within the SDLC process.

  • Hands-on experience in responding to security incidents, performing forensics and attack analysis.

  • Strong interpersonal skills and experience of developing strong relationships, either as a consultant or demonstration of significant influencing abilities within an organisation.

  • Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders.

  • Highly motivated individual who has the natural ability to build relationships and work independently.
  • Certifications in one or more of the following areas are highly desired: CISSP, CISM, GISO, GCIH.

Benefits

Why join AND Digital?

We have three values: wonder, share, and delight. These values inform how we work with clients, and our culture: what it feels like to work for AND. We believe collaboration, ambition, curiosity and fun can drive innovation by creating a better environment for problem-solving.

By joining AND, we’ll provide:

  • Opportunities to work on projects with big clients and the chance to produce meaningful work that makes a difference to people’s lives.
  • A “Blended Working” model, meaning you will be able to work from a range of locations: your home, your clubhouse, a client site, or somewhere else for a change of scenery.
  • A dedicated career scrum team, designed to help you reach your career goals and develop the skills you need to be your best self.
  • An annual budget for training and upskilling, including allocated days off so you don’t have to study in your own free time.
  • Monthly and quarterly team socials - on us - ranging from after work drinks, to driving experience days with your fellow club members.
  • A safe environment for you to be yourself and challenge yourself.

Equal Opportunities:

At AND Digital we embrace diversity and are committed to equal opportunities. We are actively recruiting for a diverse and inclusive workforce so want to ensure we do everything we can to support your application.
We want you to feel safe and empowered to let us know if you require any adjustments to be made to your application or interview process so please speak to our recruitment team.

Tags: Application security CISM CISSP Compliance Forensics GCIH GISO ISO 22301 ISO 27001 NIST Scrum SDLC Security assessment Security strategy Strategy

Perks/benefits: Career development

Regions: Remote/Anywhere Europe
Country: United Kingdom
Category: Leadership Jobs