- Ensure the company’s technology is safeguarded through proactive and reactive strategies to protect their product and brand
- Lead, create and implement security & business continuity strategy and roadmap aligned with wider business objectives
- Lead and develop a confident, competent and resilient information security team
- Lead the implementation and rollout of security tooling and frameworks.
- Implement and manage operational resilience across the business.
- Ensure business impact assessments are created and maintained across the business
- Identify, track, analyse and remediate cyber risk across the business
- Provide secure and compliance software applications across all areas of the business
- Identify, Manage and Partner with key business stakeholders in order to address the security requirements and threats to the business
- Lead on the implementation and upkeep on the Information Security Management System.
- Lead on the implementation and maintenance of relevant security legal, regulatory and compliance frameworks
- Represent senior stakeholder for all things security and business continuity for our clients
- Ensure the business has a practical and fit for purpose business continuity plan that is known and understood by the business
- Ensure appropriate monitoring controls are in place to identify, protect and detect threats.
- Ensure a comprehensive library is maintained of all assets with assigned ownership
- Partner with the People Team for continuous security learning and awareness requirements
- Protect the business from current and emerging threats
- Remain up to date in current industry intel and cyber security trends
- Experience defending web scale internet properties against distributed brute force attacks, DDOS and OWASP top 10 threats
- Excellent writing skills, able to author and review policy documentation
- A high level technical understanding of essential internet concepts (HTTP, SSL, TCP networks, OAuth)
- An understanding of cloud computing concepts and security at scale
- An understanding of Zero Trust and DevSecOps and the benefits they bring