Assess and analyse the risks, make sure that the rest of the business is aware
Fix any issues and continually improve to keep our customers and colleagues’ information safe
Be the point of contact for your peers as they will turn to you for advice on how new systems and processes are being developed
Ensuring systems and processes meet our compliance requirements and our own high-security standards
Work with colleagues across the world to ensure that all areas of our business are doing everything they should to protect our systems and sensitive information
Gain an in-depth understanding of all areas of our business and technologies, analyse their risks and put forward recommendations and solutions to continually improve our security posture
Work with lots of our third-party suppliers (from multi-national organisations to niche software development houses) to ensure that they meet the same security standards that we expect of our own internal teams
Help the rest of our business understand how to play their part in keeping information safe by providing training and guidance
Write and raise awareness of our security policies and work with different areas of our business to integrate these with existing standards and processes
Travel to each of our office locations around the World according to the business needs
Inside-out knowledge of ISO27001 and PCI-DSS
You are in possession of technical security and audit certifications such as: GIAC, CEH, CISSP, CISA, CISM, CRISC, CGEIT, CCSP, PCI DSS QSA/ISA, and ISO27001 Lead Auditor.
You are great with people and will be able to quickly build good working relationships with anybody in our business and partners.
You have broad information security knowledge including networking, infrastructure and operating systems, databases, cloud and application security.
Possess the ability to objectively evaluate risk and communicate it to colleagues and techies responsible for implementing solutions to reduce risk exposure.