Connecting linkedin

Director Information Security Policy & Risk Management

  • Location

    North America,United States of America

  • Sector:

    Information Security

  • Job type:

    Permanent

  • Salary:

    £100167.93 - £117844.62 per annum + Package

  • Contact:

    John Winfield

  • Contact email:

    johnw@montash.com

  • Contact phone:

    020 7014 0231

  • Salary high:

    117844

  • Salary low:

    100167

  • Job ref:

    DRISR_40258

  • Published:

    almost 4 years ago

  • Expiry date:

    2014-07-15

  • Startdate:

    ASAP

Position: Director Information Security Policy & Risk Management

Montash are retained by one of the world's largest consumer goods organisations with revenues in excess of $70bn, a staff of 125,000 and operations in over 100 countries.

The company is heavily federated with numerous operating companies acting independently under the group.

The position in question is for the Director of Information Security Policy & Risk Management who will be responsible for a number of key initiatives within the Group CISO function, namely:

  • Information Security Policy definition
  • Global risk assessment
  • GRC tooling
  • Strategic consulting surrounding the global ISMS implementation.

The successful individual will be a proven leader operating within a global organisation and ideally will have been through an Information Security centralisation journey in the past.

You will manage a team of Senior Managers who head up each of the 4 key initiatives and as such you will be responsible for the end to end definition of the risk management strategy within global information security and will hold the team accountable to the delivery of said strategy.

Key deliverables include:

  • Refinement and delivery of group wide, global ISMS implementation based around ISO27001 standards
  • Management and oversight of enterprise risk assessments throughout all OpCo's globally
  • Maturity of risk management tooling infrastructure
  • Definition of group Information Security standards, policies and procedures
  • Key liaison with internal/external audit, compliance and metrics and Information Security functions
  • Chair of information risk management working groups with stakeholders throughout information security
  • Provide Consultative advice on new risk management principles/methodologies to C level leadership

Qualifications:

  • Expert knowledge of information security management principles such as ISO27001/2
  • 7-10 years' experience delivering risk management within a global environment
  • MSc in Information Security
  • Bachelor's degree in Computer Science or other related field
  • Experience working in IT audit and controls environment
  • Proven reporting to Senior Director/VP Level leadership
  • Management experience of a minimum 5 direct FTE
  • Vendor management exposure