I am working with a renowned SaaS provider in the search for a Head of Information Security to take the reins on their cyber and information security with a plethora of exciting projects to get stuck in with.

The ideal candidate will have worked in a senior Information Security leadership role within a SAAS/Cloud environment, be experienced with the security principles surrounding business acquisitions and have a nice hybrid of traditional Information Security knowledge (ISO27001, GRC, NIST, Cyber Essentials Plus etc.) alongside a technical cyber understanding enabling them to create and ensure the adherence of policies in a cloud-focused SaaS business in which they will be developing a robust information security strategy.

Reporting in to the CTO and responsible for enhancing the current brownfield security function

Responsible for maintaining ISO27001 and Cyber Essentials + accreditations

Expanding the scope of ISO27001

Responsible for the maintenance and continual adaptation of the ISMS

Rationalising the organisation’s cloud providers from a security perspective

Overseeing acquisitions from a security perspective (Due diligence, third party risk, supplier assurance)

Responsible for governance, risk and compliance across the business

Acting as a point of contact / SME for anything information / cybersecurity related

Liaising with third parties, suppliers, and professional bodies and leveraging relationships with them to enhance organisational security.

Overseeing the risk function, assessing the current risk posture and aligning future initiatives with risk appetite

Overseeing risk identification, documentation and mitigation

Responsible for developing and implementing a risk management strategy

Continually monitoring the information security strategy

Collaborating with senior stakeholders, developing and maintaining external and internal relationships

Some experience spanning both Information Security and Technical Cyber Security at a leadership level

Experience within a SAAS or cloud-orientated business would be ideal

Experience acting as a senior security professional overseeing business acquisitions

Experience within brownfield security environments in a leadership or policy-creation capacity

Strong technical understanding, ideally stemming from prior experience in technical IT areas (infrastructure, networking, software development)

An in-depth understanding of, and experience maintaining and increasing the scope of ISO27001

Demonstrable stakeholder engagement skills

Pragmatic and business solution focused mindset

Strong technical background and the ability to communicate and understand technical and non-technical information

Salary: £80,000 to £100,000 per annum depending on experience

Annual bonus and additional financial incentives

28 days leave plus bank holidays plus 5 purchasable able extra days

Flexible and hybrid working

Competitive pension

More benefits available

If you're interested in this role

Click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.