Connecting to LinkedIn...

Connecting to LinkedIn...

W1siziisijiwmtqvmdkvmzavmtavndevmzevmzkxl3n0b2nrx3bob3rvx2pvynnfynv0dg9ux29ux2tlewjvyxjkxzgwmdu4mtgxlmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Director Information Security Policy & Risk Management

Job Title: Director Information Security Policy & Risk Management
Contract Type: Permanent
Location: North America,United States of America
Industry:
Salary: £100167.93 - £117844.62 per annum + Package
Start Date: ASAP
REF: DRISR_40258
Contact Name: John Winfield
Contact Email: johnw@montash.com
Job Published: about 3 years ago

Job Description

Position: Director Information Security Policy & Risk Management

Montash are retained by one of the world's largest consumer goods organisations with revenues in excess of $70bn, a staff of 125,000 and operations in over 100 countries.

The company is heavily federated with numerous operating companies acting independently under the group.

The position in question is for the Director of Information Security Policy & Risk Management who will be responsible for a number of key initiatives within the Group CISO function, namely:

  • Information Security Policy definition
  • Global risk assessment
  • GRC tooling
  • Strategic consulting surrounding the global ISMS implementation.

The successful individual will be a proven leader operating within a global organisation and ideally will have been through an Information Security centralisation journey in the past.

You will manage a team of Senior Managers who head up each of the 4 key initiatives and as such you will be responsible for the end to end definition of the risk management strategy within global information security and will hold the team accountable to the delivery of said strategy.

Key deliverables include:

  • Refinement and delivery of group wide, global ISMS implementation based around ISO27001 standards
  • Management and oversight of enterprise risk assessments throughout all OpCo's globally
  • Maturity of risk management tooling infrastructure
  • Definition of group Information Security standards, policies and procedures
  • Key liaison with internal/external audit, compliance and metrics and Information Security functions
  • Chair of information risk management working groups with stakeholders throughout information security
  • Provide Consultative advice on new risk management principles/methodologies to C level leadership

Qualifications:

  • Expert knowledge of information security management principles such as ISO27001/2
  • 7-10 years' experience delivering risk management within a global environment
  • MSc in Information Security
  • Bachelor's degree in Computer Science or other related field
  • Experience working in IT audit and controls environment
  • Proven reporting to Senior Director/VP Level leadership
  • Management experience of a minimum 5 direct FTE
  • Vendor management exposure

Social Stream

Latest News

W1siziisijiwmtcvmdgvmtqvmtmvmjcvmjgvnja2l2nsb3rozxmuanbnil0swyjwiiwidgh1bwiilcizodb4mtawiyjdxq

In Her Shoes... From Market Stall to Recruitment

2017-08-14 14:00:00 +0100

From the melee of the market stall to placing candidates in high-flying IT roles, life's always on the up from market-trader-turned-recruiter, Lois Hinken (22). She took the time to talk to us about how her experience in the cut throat world of the market has helped her in the world of global talent acquisition. As a 360 recruitment consultant for Montash, her negotiation skills and "go get it" attitude have helped her thrive. "I started working on the ...

W1siziisijiwmtcvmdgvmdcvmtmvmtcvntqvnze3l1vudgl0bgvkigrlc2lnbiaomikuanbnil0swyjwiiwidgh1bwiilcizodb4mtawiyjdxq

Will AI Cost Us Our Humanity?

2017-08-07 15:00:00 +0100

As technology evolves, artificial intelligence is becoming increasingly mainstream, and it will inevitably start to impact the way we interact. On the one hand, AI has the potential to solve a variety of problems and streamline our lives and our work. But will this come at the cost of the all-important human touch? A foreshadowing statistic claims that by 2020, 85% of client interactions will be managed without a human[1]. But can there really be an alg...