Enable job alerts via email!

Head of Information Security

JR United Kingdom

Reading

On-site

GBP 70,000 - 110,000

Full time

Today

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An established industry player is seeking a Head of Information Security to spearhead their security strategy and compliance initiatives. In this pivotal role, you will lead the implementation of ISO27001 and ISO9001 recertifications, develop security policies, and manage the Information Security Management System. You will be responsible for advising senior management on emerging threats and compliance gaps while overseeing training and audits. This is a fantastic opportunity to make a significant impact in a dynamic online retail environment, where your expertise will help shape the future of information security.

Qualifications

Proven track record in leading ISO27001 & ISO9001 certifications.
Experience in managing information security policies and compliance.

Responsibilities

Lead the information security strategy and implementation.
Manage the Information Security Management System and audits.
Develop security KPIs and track compliance with standards.

Skills

ISO27001 Certification

ISO9001 Certification

Risk Management

Cybersecurity

GDPR Compliance

Security Policy Development

Incident Response Management

Education

ISO27001 Lead Implementer Qualification

ISO27001 Auditor Qualification

Tools

GRC Controls

Social network you want to login/join with:

Head of Information Security

Required for an online retail business. The role will initially focus on ISO27001 & ISO9001 recertifications.

Responsibilities

Lead on information security strategy and implementation of security roadmap.
Develop security KPIs and track their progress.
Advise senior management on risk levels and any changes impacting security posture, including emerging threats.
Create, maintain, and implement information security policies.
Continuously validate the firm against policies and procedures to ensure compliance with ISO 27001, ISO 9001, Cyber Essentials+, and GDPR.
Manage and continuously improve the firm's Information Security Management System.
Oversee the information security training and awareness program.
Lead internal and external audits and track findings through to mitigation.
Identify and communicate emerging security threats with relevant stakeholders.
Provide security due diligence in procurement processes and oversee ongoing supplier assurance.
Manage security incidents and coordinate incident response processes.
Select and implement GRC controls and assist in the selection and implementation of security technologies.
Identify security requirements specific to IT systems throughout their lifecycle.
Develop or enhance security procedures to mitigate potential threats.
Ensure cybersecurity requirements are embedded into new programs of work.
Provide management and mentorship to security teams and staff.
Create and lead the Security Operations Centre (SOC), ensuring real-time monitoring and incident response.
Drive security awareness training and GRC initiatives.
Report to senior stakeholders on threats, compliance gaps, and mitigation progress.
Conduct risk assessments, maintain risk registers, and develop risk treatment plans.
Support vulnerability management processes, assess risks, and prioritize remediation efforts.
Lead ISO 27001 and ISO 9001 audits and ensure GDPR compliance.
Support IT projects by managing controls, providing guidance, and assessing risks.

Ideal candidates will have a proven track record of leading organizations through ISO27001 & ISO 9001 certifications. ISO27001 lead implementer or auditor qualifications are essential.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs