Head – Security Assurance

Our Client is seeking a mature and experienced Information Security professional for the role of Head - Security Assurance.

KEY RESPONSIBILITIES:   

• Set the vision and roadmap for the development of Cybersecurity operational technical capabilities.
• Advise the CEO and Board on matters related to Information Security.
• Development of information security strategy for the organisation and related enterprise wide projects.
• Plan, execute and monitor information security operations to reduce risk and in alignment with approved cyber security strategies.
• Manage enterprise cybersecurity technology needs, stakeholder relationships, and capability maturity.
• Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and chain of evidence / forensic artefacts required for additional investigations.
• Proactively champion new opportunities for automation, innovation, and technical excellence within the cybersecurity sphere, bringing thought leadership and deep technical expertise to drive adoption.
• Provide strong, visible leadership to the Security Assurance team, fostering a culture of professionalism, accountability, and continuous improvement.
• Build organisational capability by developing talent, managing performance, and implementing structured learning and succession plans.

QUALIFICATIONS AND EXPERIENCE:     

Postgraduate qualifications (MSc/MBA) in Information Security or related field including:

• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified Risk Information Systems Control (CRISC)
• 8+ years’ experience in a combination of risk management, information security and IT jobs.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001,ITIL, COBIT, NIST and MITRE ATT&ACK framework.
• Knowledge and understanding of relevant legal and regulatory requirements, such as Data Protection Act 2011, Computer Misuse Act, Health Insurance Portability and Accountability Act (HIPAA), US/EU Data Privacy laws.
• Demonstrated track record of promoting Information Security and Risk Management concepts and practices.
• Knowledge of wider organisational processes and experience in evaluating information security as a key business requirement across functional areas.
• 5+ years’ progressive experience in a leadership/ management role.