Information Security (GRC) Lead | £80,000 | W London | Multinational B
Posted on Mar 6, 2020 by RedCat Solutions
Information Security (GRC) Lead
- This position is responsible for aligning security initiatives with enterprise programs and business objectives and for ensuring that information assets and technologies are adequately protected. You will be responsible for driving Information Security GRC initiatives on a global level across all regions and will act as the business-facing lead for Information Security in the EMEA region.
- The individual is responsible for proactively protecting information assets from unauthorized or inappropriate access, use or disclosure as well as business disruptions.
- Develops an understanding of the organisation's current and forward-looking threat profile, using requirements to improve the organisation's Information Security Program.
- Responsible for managing regional Information Security Risk & Compliance functions to implement our global security policies, standards and controls.
- Responsible for ensuring that international, national and local Information Security and Privacy regulations are being followed.
- Protects valuable information and maintains the confidentiality and integrity of data through:
  - Knowledge of security management, network & protocols, data and application security solutions
  - Knowledge of industry trends and current and emerging risks
- Directs risk analysis discussions with global businesses.
- Supports electronic discovery and digital forensic investigations.
- Provides expertise, guidance and advice related to all information security issues within the region.
- Monitors and reviews regulatory updates and issues relative to pertinent security regulatory requirements (such as GDPR, PCI or SOX) and escalates findings appropriately.
Education and Certification:
- Bachelor's degree in Information Security, Computer Science, Information Management Systems, or related field required. Master's degree preferred.
- Certificate in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM) preferred. May substitute an equivalent combination of education, experience and other relevant industry certifications.
- Minimum 8+ years of progressive IT experience in a combination of Risk Management, Information Security and IT roles.
- Knowledge of applicable industry rules and expertise in Information Security best practices and implementing Information Security Frameworks.
- Risk management experience with proven ability to effectively apply risk principles to challenging business situations.
- Excellent influencing and problem resolution skills