Cyber Security and Governance Director
- £90,000 to £100,000
- Permanent
Role Intro:
Our Infosec team here at MRJ are delighted to bring to market a brand new Cyber Security and Governance Director role on behalf of a leading B2C services company.
This expanding group continues to defy their market with sustained growth and has recently embarked on a buy and build strategy following a major investment round that completed 2 years ago.
ROLE:
A newly created role, Working closely with the CTO and the Group board, the Cyber Security and Governance Director position will take full end-to-end ownership / responsibility for Cyber & information security including IT infrastructure, Cyber, governance, risk and strategy across the group wide businesses.
Key responsibilities (in summary):
- Be the senior technical authority and cyber security SME, applying appropriate knowledge and skills to input into the overall cyber strategy, policy and posture, working closely with technology, data and compliance teams.
- Define and implement security policies, standards, and best practices to ensure compliance with industry regulations and maintain the highest level of security.
- Lead on the choice of security systems and strategies based on industry frameworks and standards (e.g. NIST, ISO27001) for the IT Group environments.
- Oversee the implementation of secure systems and infrastructure, including cloud-based solutions, ensuring resilience, availability, and scalability.
- Establish and maintain a robust security governance framework including ensuring that disaster recovery and business continuity plans are in place and tested.
- Ensure regular security assessments, vulnerability scans, and penetration testing are conducted in order to identify and address potential security vulnerabilities.
- Be the owner of frameworks, key processes, SLA’s and KPI’s intended to measure our performance against internal and external CSF’s and standards and report on our internal performance, including as examples NIST, Bitsight, Mitre Attack.
Required expertise, skills and experience:
An experienced information & cyber security leader, you will be comfortable rolling your sleeves up and/or leading a team, with the expertise and experience driving & delivering the security agenda across multiple countries.
It’s also expected that you’ll possess and offer the following skills:
- A strong cyber security technical background.
- Good capacity to adapt to complex environments (multiple sites, different organizations, multiple Information Systems).
- Deep understanding of all common and emerging threats, compromise and attack methods that can demonstrate that our security strategy and posture is aligned to the threat landscape.
- Expertise in conducting risk assessments, vulnerability management, and incident response.
- A strong, capable, and influential leader, who builds productive and enduring relationships internally and externally, is comfortable presenting to and engaging with stakeholders and decision makers at all levels of the organisation.
- Resilient under pressure and able to maintain focus under difficult situations e.g., major incident.
- A capable problem solver and influencer
- Outstanding communication skills both written and verbal with the ability to translate complex concepts into easily and readily understood terms.
- Good technical knowledge on IT technologies (Active Directory, Firewalls and Networking, Microsoft Office 365, Virtualization environment).
NEXT STEPS:
Apply today and MRJ's lead consultant on this role Ryan Fishwick will be in touch to discuss more.
PLEASE NOTE: This role is remote first, with 1 day per month spent in the company's HQ in Buckinghamshire