Information Security Risk & Resilience Lead

Job Title: Information Security Risk & Resilience Lead
Contract Type: Permanent
Location: City of London, London
Salary: £65000 - £85000 per annum + 20-40% Bonus + Generous Benefits
Start Date: ASAP
Reference: JDISRRL_1581501369
Contact Name: Jonathan Dale
Contact Email:
Job Published: February 12, 2020 09:56

Job Description

Senior Information Security Risk & Resilience Lead

We are currently working with a boutique UK insurance firm that is looking to bring in a Senior Information Security Risk & Resilience Lead. The company is one of the fastest growing and most profitable insurance firms worldwide and is in the initial stages of building out its internal Information Security capability, meaning the successful candidate will have genuine scope to help shape how the function is built.

Working closely with the Head of Information Security, you will be given significant responsibility from day one to lead on projects and drive business resilience and information assurance across the organisation. You will be expected to hit the ground running, picking up technologies and helping drive the transformation of the organisation from a compliance-led to a risk-focused information security practice.

Key Responsibilities:

  • Act as a lead and SME on all information security risk and resilience related issues, driving the adoption and implementation of security best practices.
  • Work closely with the Head of Information Security to set out and deliver the Information Security strategy, policies and processes.
  • Consult with senior technology and business leaders regarding information security risks and their role in minimising exposure to those risks.
  • Define and maintain the information security training and awareness roadmap, building a culture where security is not an afterthought for the business.
  • Develop and maintain key risk indicators for the security control environment.
  • Design and implement a third-party assurance framework which captures oversight of risks across the entire business.

Required Skills:

  • Significant knowledge of and experience implementing various security frameworks, particularly ISO27001 and ISO22301, as well as exposure to NIST.
  • Excellent communication skills with the ability to liaise with senior stakeholders and non-technical audiences, translating technical concepts into business risks.
  • Knowledge of information security risk management frameworks and compliance practices.
  • Genuine drive and motivation - ability to successfully handle multiple tasks, working to meet challenges and overcome obstacles, taking the initiative to improve your own performance.
  • Prior experience leading on projects and managing third-party supplier relationships.
  • Minimum 2-5 years' experience in an Information Security Risk / Resilience / Compliance focused position.

This is a fantastic opportunity for someone with genuine drive and ambition who wants to accelerate their career within Information Security, take the lead on projects and shape the Information Security department of one of the fastest growing insurance firms worldwide.

Lawrence Harvey is acting as an employment agency in regard to this position. Visit our website and follow us on Twitter for all live vacancies @lawharveyjobs