My client, a leading financial services provider in Edinburgh, is actively looking for an interim CISO to join their team on an initial 3-month engagement. This is an extremely strategic role and will involve working with a number of outsourced partners across their ecosystem in order to continue to deliver their security transformation programme.
- Lead, shape and deliver all aspects of the Information Security and Records Management strategy to support delivery of the long term plans and
- Accountable for ensuring that all Information Security Incidents are effectively managed and lead incidents where applicable across the Sainsbury's Bank
- Accountable for ensuring that Bank Policy Standards for Information Security and Records Management are managed and maintained, including first line control
- Accountable for ensuring that Information Security and Records Management services are managed in full compliance with the Policy
- Ensure that Information Security and Records Management control requirements are adequately covered by Supply Chain Management due diligence and assurance
- Responsible for owning and delivering an Information Security and Records Management continuous improvement
- Manage the delivery of BAU Change in relation to Information Security and ensure that all change is compliant with the Information Security and Records Management policy standards.
- Ensure appropriate reporting into the Risk Committee, Executive Committee and Board.
- Accountable for Information Security and Records Management budgets ensuring that they are monitored and managed effectively within
- Provide Subject Matter Expertise on Information Security and Records Management to all business functions, and take responsibility for business function engagement plans to ensure compliance across the business.
- Provide clear and precise communication to a variety of stakeholders, up to and including the Bank
- Extensive Information Security Management experience at a senior level (preferably within the finance industry) and a Professional Qualification/Certification or Graduate Degree in relevant discipline(s) would be advantageous.
- Understanding of statutory, regulatory and payment scheme requirements that impact Information Security, e.g. experience of one or more of ISO27001, NIST and payment scheme regulation such as PCI DSS, SWIFT CSP, Link, etc.
- Understanding of statutory, regulatory and payment scheme requirements that impact Records Management.
- Ability to build and maintain strong relationships with senior stakeholders and key outsourced IT suppliers.
You will need to be immediately available in order to be considered for this opportunity, as they need someone to start mid to late January.