We have an excellent opportunity for an experienced Security Leader to oversee our security framework. This includes threat detection, vulnerability management, security monitoring, response coordination, and the development and presentation of our Security Strategy, roadmap, and initiatives.
Working in close collaboration with our Software Engineering leaders, this role will set security requirements for our software designs across the organisation. It will also involve working closely with teams throughout the company to ensure that our products and software remain secure.
As IRIS continues to grow – both through acquisitions and organic development – adapting and strengthening our security approach remains pivotal to our ongoing success.
What will you be doing?
As our Director, Information Security, your responsibilities will involve the following:
- Managing Information Security across IRIS. Leading the Security Roadmap and driving transformation projects aimed at achieving its objectives
- Providing leadership across a team of Security Engineers, Analysts and Architects
- Ensuring the effectiveness of Security Incident Response activities within IRIS' critical incident management process
- Leading IRIS' vulnerability management process, ensuring the regular and efficient distribution of Vulnerability Management Information (MI). Also, overseeing the allocation of resources and funding for vulnerability management activities across IRIS and promptly escalating any issues not meeting required response times
- Ensuring IRIS' Security Monitoring effectively safeguards against contemporary threats and evolves to maintain IRIS’ security. Collaborating with business stakeholders to align with IRIS' risk tolerance for security monitoring
- Managing Security Operations and maintaining security policies for IRIS staff
- Conducting security due diligence for potential acquisitions and playing a pivotal role in making investment recommendations
- Managing the technology risk management process and collaborating with the Group Compliance team to consistently assess risks, including the escalation of critical ones
- Possessing knowledge of Data Protection and Privacy to provide effective support to the IRIS Data Protection Officer regarding security matters
- Supporting Compliance and Audit initiatives led by the Compliance Senior Manager
- Taking ownership of security Key Performance Indicators (KPIs) and driving actions to exceed these targets.
- Staying updated on emerging threats and advising stakeholders on mitigation and defence strategies
- Establishing and enforcing application security standards and automated security tools for IRIS software products and platforms
- Collaborating with colleagues in IRIS Engineering to optimise the secure software development lifecycle
- Representing IRIS’ Security status at weekly Technology Management meetings and quarterly Security steering committee meetings
- Providing regular updates on progress, statuses and issues to the VP, Information Technology and Engineering Cloud CTO
- Leading Supplier Security reviews and assisting in responding to Customer security questionnaires.
What are we looking for?
This position is ideal for an experienced Security Leader with the following qualifications, skills, and experience:
- Certification in Cybersecurity/Information Security, e.g., CISSP, CEH, GISP, CISM, Security+
- Strong expertise in Information Security
- In-depth knowledge of information systems architecture, systems design, data analysis, and systems integration
- Significant team management and development experience
- Experience working with security suppliers
- Proven track record in implementing security practices and strategies.
In addition to the core skills/experience above, the following competencies are essential for success in this position:
- Effective communication skills for engaging with stakeholders and managing teams
- Proactive individual capable of implementing necessary business changes to safeguard the company, with the capacity to delve into details and address issues when necessary
- Goal-oriented, with a “whatever it takes” mindset to ensure the completion of critical tasks
- Inquisitive with a forward-thinking approach, given the ever-evolving nature of Cyber Security
- Methodical in work approach, demonstrating persistence in task completion
- Proficient in working swiftly and effectively, as IRIS operates in a fast-paced environment
- Effective in prioritization, planning, and communication
- A collaborative team player with a positive attitude.
We occasionally close vacancies early in the event that we receive a high volume of applications. Therefore we recommend you apply as soon as possible.
Salary: Competitive plus bonus
Location: UK Remote