European Information Security Officer
This is an exciting regional leadership function within a Global Team that would suit a candidate who is looking for progression and able to implement Global Security Policy by enabling the business with a proactive and strategic view of Information Security.
The candidate will promote approaches to business model and security projects with business understanding and proactive management of European regulation and contribution to the Global Information Security Strategy.
The EISO will present to the European Risk Committee and Board, responsible for enabling the current state and future roadmap of Information Security within a highly regulated environment.
Other important relationships will include the oversight and management of 3rd Party Vendors, including contractual negotiations and risk analysis.
- To support, review and continue to improve on the existing information security program, utilizing a risk-based approach in accordance with global security policies, working closely with the Global team.
- Enhance the overall security position and realize business value from security investments.
- Proactively identify control gaps and facilitate the development and implementation of remediation actions.
- Role will primarily have a European focus, but will be involved in enterprise-wide activities as required.
- Define and govern information security controls to include periodic testing for effectiveness, reporting, quality documentation and audit trails.
- Conduct periodic security risk/vulnerability assessments, assessing overall exposures and identifying the actions required to address any gaps. Create a process to manage and approve exceptions to the security policy.
- Periodically lead cross-functional, matrix project teams to design and implement new security solutions, such as identity management, data leakage protection and/or encryption.
- Provide a point of contact for all information security matters and support security investigations as requested.
- Oversee an ongoing security awareness program for employees across the business and IT.
- Create a security scorecard for reporting to senior IT management. Develop key risk indicators.
- Provide subject matter expertise and consultative support to application developers in the identification of information security issues and requirements.
- Collaborate with the other regional security officers in adopting best security practices and global standards. Collaborate with IT units and auditors to validate and verify audit findings and/or deficiencies.
Skills and Experience
Extensive experience working in an Information Security Manager role within the financial services sector, with exposure and experience of multiple platforms (Windows, Unix, AS/400).
We will consider a range of backgrounds so if you feel you are suitable then please contact Mathew on firstname.lastname@example.org or +44 (0)20 3137 3075. At BartleyHeath we guarantee you feedback on your submission.