Connecting to LinkedIn...

Connecting to LinkedIn...


Director Information Security Policy & Risk Management

Job Title: Director Information Security Policy & Risk Management
Contract Type: Permanent
Location: North America,United States of America
Salary: £100167.93 - £117844.62 per annum + Package
Start Date: ASAP
REF: DRISR_40258
Contact Name: John Winfield
Contact Email:
Job Published: over 2 years ago

Job Description

Position: Director Information Security Policy & Risk Management

Montash are retained by one of the world's largest consumer goods organisations with revenues in excess of $70bn, a staff of 125,000 and operations in over 100 countries.

The company is heavily federated with numerous operating companies acting independently under the group.

The position in question is for the Director of Information Security Policy & Risk Management who will be responsible for a number of key initiatives within the Group CISO function, namely:

  • Information Security Policy definition
  • Global risk assessment
  • GRC tooling
  • Strategic consulting surrounding the global ISMS implementation.

The successful individual will be a proven leader operating within a global organisation and ideally will have been through an Information Security centralisation journey in the past.

You will manage a team of Senior Managers who head up each of the 4 key initiatives and as such you will be responsible for the end to end definition of the risk management strategy within global information security and will hold the team accountable to the delivery of said strategy.

Key deliverables include:

  • Refinement and delivery of group wide, global ISMS implementation based around ISO27001 standards
  • Management and oversight of enterprise risk assessments throughout all OpCo's globally
  • Maturity of risk management tooling infrastructure
  • Definition of group Information Security standards, policies and procedures
  • Key liaison with internal/external audit, compliance and metrics and Information Security functions
  • Chair of information risk management working groups with stakeholders throughout information security
  • Provide Consultative advice on new risk management principles/methodologies to C level leadership


  • Expert knowledge of information security management principles such as ISO27001/2
  • 7-10 years' experience delivering risk management within a global environment
  • MSc in Information Security
  • Bachelor's degree in Computer Science or other related field
  • Experience working in IT audit and controls environment
  • Proven reporting to Senior Director/VP Level leadership
  • Management experience of a minimum 5 direct FTE
  • Vendor management exposure

Social Stream

Latest News


Virgin Atlantic adopts Salesforce to promote ...

2016-10-26 10:00:00 +0100

Salesforce, one of the global leaders in Customer Relationship Management (CRM) tools, is used by thousands of companies around the world. Now, Virgin Atlantic Airlines has said that not only do the solutions provide an effective modern tool for business, but they can also be used to promote community culture. Speaking about the benefits that his firm has seen, Virgin Atlantic Head of Global Sales Effectiveness Spencer Collins said that the solution pro...


SAP announces partnership with STC

2016-10-25 10:00:00 +0100

One of the world’s leading providers of enterprise resource planning (ERP) solutions, SAP, has revealed that it is partnering with STC Advanced Solutions to offer both private and public sector organisations more empowerment. The two firms will be working alongside one another to provide cloud-based subscription services to firms of all sizes. This will help to deliver better information communication technology (ICT) across the Kingdom of Saudi Arabia....