Job Classification : IT and Technical
Job Type : Permanent
Location : UK
Salary : Negotiable
Job Purpose
The role of Head of IS Security is to enable Our Client to manage its security effectively by providing strategic direction, functional leadership and oversight across the business. In addition, the role provides in-depth expert technical security knowledge, support and advice in the delivery of cost-effective IS security risk management to defined service levels, ensuring compliance with IS Security policies and standards as defined by the company, including legislative (such as data protection and software copyright law) or regulatory requirements (such as Gambling Commission) and commercial obligations (such as PCI DSS).
Qualifications, skills & experience
Essential:
- Exceptional experience in the eCommerce security sphere is required – likely an acknowledged leader in the field.
- A strong customer focus, recognising internal and external customers and establishing effective relationships. Aware of how the external market affects the business and service
- Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management
- Effective team-building skills to encourage a positive team environment
- Proven track record and ability in leading technical staff, using wide-ranging skills (including planning, organising and interpersonal skills)
- Likely to have gained significant practical experience in IS, IS Security or equivalent areas including some years at a Senior Security or Risk Analyst level (or equivalent)
- A strong technical knowledge and appreciation of IS / IS Security principles including regulatory, legislative and industry practices gained through practical experience and/or professional qualification(s)
- Proven track record in analysing complex technical situations, articulating technical security issues and associated risks, making recommendations, influencing outcomes, decision making and ensuring successful delivery
- A technical knowledge and working application of most computer, database, application, Internet, network and communication technologies employed across our client, in sufficient depth and breadth to be able to deliver the services (as detailed in the principal accountabilities, section 4) for multiple and complex environments / projects
- Direct experience of the ITIL Information Security Process and ISO 27001
Desirable:
- Security certifications – CISSP, CISA, CISM, GIAC
- Technical certifications – CCSP, CCSA, CCSE, CEH
- ITIL certification or experience of working within an ITIL oriented organisation.
- Security project management experience.
- Good knowledge of server and desktop systems
- Holds a degree in an IT discipline
