Director, Data Security & Governance

Our client, a FTSE 100 global Entertainment business, is looking to hire an experienced and strategic Director of Information Security with a strong focus on delivering Data Security and Privacy programs.

The successful candidate will be responsible for developing and implementing a comprehensive data security and privacy program, ensuring the protection of sensitive information and compliance with relevant UK and EU regulations.

You will collaborate with cross-functional teams to assess risks, implement security measures, and drive a culture of security awareness within the organisation.

1. Develop and lead the overall data security strategy, aligning it with the UK and EU data protection laws and regulations.
2. Establish and maintain a road-map for continuous improvement in data security measures.
3. Ensure compliance with GDPR and other UK data protection laws.
4. Collaborate with legal and compliance teams to interpret and implement privacy requirements.
5. Conduct regular risk assessments to identify potential vulnerabilities and threats to data security.
6. Implement effective risk mitigation strategies and measures to safeguard sensitive information.
7. Develop, update, and enforce data security policies, procedures, and standards in line with UK and EU regulations.
8. Communicate and train employees on security policies and best practices.
9. Liaise with the incident response team to address and manage data security incidents.
10. Develop and maintain an incident response plan, ensuring its effectiveness and efficiency.
11. Stay abreast of emerging technologies and trends in data security.
12. Evaluate and implement security technologies that enhance data protection and privacy.
13. Assess and manage the security posture of third-party vendors and partners, ensuring compliance with UK and EU regulations.
14. Collaborate with procurement to ensure vendors meet security and privacy requirements.
15. Foster a security-conscious culture across the organisation.

• Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
• Proven experience in a leadership role focused on information security.
• Experienced in delivering complex data security and privacy programs, including Big Data Security programs.
• In-depth knowledge of GDPR and other relevant data protection laws and regulations.
• Industry certifications such as CISSP, CISM, or CDPSE are highly desirable.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to communicate complex security concepts to non-technical stakeholders.

• Base Salary: £150,000 - £180,000
• Bonus
• Full Company Benefits: Pension, Private Medical, Life Assurance, etc
• Full Remote Working

This position will be offered as a 12-month fixed-term contract with a view to extension.

Applicants MUST be currently living in the UK and hold a valid British Passport. Unfortunately, applicants from outside of the UK will not be considered.