Chief Information Security Officer
12-month contract
Hybrid - Mostly remote
I'm supporting a globally recognized client seeking a Chief Information Security Officer to lead their team. The ideal candidate will be a seasoned strategic leader with extensive expertise in information and cybersecurity. This CISO will drive, plan, and oversee key initiatives within a dynamic tech environment, aligning cybersecurity goals with business objectives to ensure strategic and operational excellence. This role is crucial for advancing risk management, strengthening cybersecurity culture, and enhancing overall compliance.
Key Responsibilities
Strategic Delivery
- Perform and maintain business impact analysis and risk assessment concerning information- and cyber security
- Identify, assess, and report high-value assets (HVAs) and significant information security risks.
- Establish and maintain strategic and short-term information- and cyber security goals
- Create a comprehensive cybersecurity strategy and roadmap, aligned with identified risks and organizational goals.
- Document cyber security strategy and roadmap including short- and long-term goals based on risk assessments, business unit objectives and Information Security Strategy and Goals
- Monitor, follow-up and report on progress and agreed information- and cybersecurity goals, KPIs, risks, compliance levels and issues
- Monitor and report on overall cost and outcome (utilisation and effectiveness) of cyber security investments according to the information security value delivery guidelines.
Tactical and Operational Responsibilities
- Ensure alignment of policies, standards, and guidelines with cybersecurity and information security requirements.
- Support adherence to frameworks, such as Information Security Policy, Data Privacy, PCI DSS, and more.
- Work continuously to strengthen and integrate security culture into your business unit to minimise incidents
- Align cyber architecture, risk management, and vendor management with overall security strategies and compliance.
- Create a business tech environment (people, process & tech) that is compliant with Information Security requirements and regulations (Development and Production).
- Awareness Management: Create a security awareness strategy aligned with Information Security to develop a security risk culture.
- Incident: Measure the effectiveness of security controls, ability to deal with security incidents and identify areas for improvement.
- Vendor: Align vendor management to ensure that Information Security requirements, compliance and risk are managed.
Essential
Language: English, fluent in reading, speaking and writing.
Education: Bachelor or Master of Engineering or IT or equivalent University degree.
Location: Remote from UK or EU, with valid passports for their country of residence.
For more information, please apply below.