About The Role
The Chief Information Security Officer (CISO) is a senior leader responsible for establishing and maintaining the organisation's vision, strategy, and programs related to information security. The CISO plays a crucial role in safeguarding the organisation's sensitive data, intellectual property, and information systems from potential threats and cyberattacks.
The CISO collaborates with various departments, including IT, legal, business risk, and business units, to ensure the implementation of effective security measures and adherence to industry best practices and regulatory requirements. As CISO, you will be responsible for:
- Information Security Strategy: Develop and communicate a comprehensive information security strategy that aligns with the overall business goals and objectives. Ensure adherence to this strategy across the entire technology estate.
- Risk Management: Identify, assess, and prioritise security risks, considering potential impact on the organisation's operations, reputation, and finances. Implement security risk mitigation measures and foster a security-aware organisational culture.
- Security Governance: Work with the Data Protection team to establish and maintain the organisation's information security governance framework, including policies, standards, and procedures. Ensure compliance with applicable laws and standards such as GDPR, ISO 27001, and NIST.
- Incident Response: Oversee the development and testing of incident response plans. Coordinate with stakeholders to respond to cybersecurity incidents effectively, minimising damage.
- IT Continuity: Ensure disaster recovery testing and support IT continuity management. Represent IT continuity in relevant committees.
- Security Architecture: Collaborate with IT to design and maintain secure infrastructure and applications, ensuring security controls are integrated from the outset.
- Vendor and Third-Party Risk Management: Assess and monitor the security posture of third-party vendors and service providers.
- Security Compliance and Auditing: Review security measures, support audits, and ensure remediation of findings.
- Security Incident Reporting: Report on security posture to leadership and communicate security initiatives. Participate in governance forums.
- Industry Knowledge and Innovation: Stay updated on cybersecurity trends and introduce innovative solutions to enhance security.
- Budgeting, Supplier and Cost Control: Manage the security department budget, control expenses, and oversee suppliers.
- Team Leadership: Lead and mentor the security team, fostering a culture of accountability and collaboration. Define standards and build capabilities.
About You
- Proven experience in information security and leadership roles.
- Strong knowledge of cybersecurity principles and standards.
- Understanding of data protection and privacy regulations.
- Excellent leadership, communication, and interpersonal skills.
- Strategic thinking and risk assessment skills.
- Experience in budgeting and resource management.
- Relevant certifications such as CISSP, CISM, or CISA.
About The Company
Motability Operations is dedicated to providing worry-free mobility solutions across the UK, serving over 630,000 customers. As the largest car fleet operator in the UK, we work with numerous dealers and manufacturers, committed to outstanding customer service.
Our values are solutions, change, and care. We offer a competitive rewards package, including bonuses, pension, generous leave, private healthcare, and various voluntary benefits. We support diversity and inclusion, providing accessible workplaces and flexible working arrangements.