Job Description: Head of Cyber Security
As the Head of Cyber Security, you will be responsible for directing the Group's Cyber Security Strategy and enhancing our Security Posture as needed. You will collaborate closely with Divisional IT leaders to ensure the effective delivery and management of security capabilities. Leading a skilled team of Security Analysts, you will manage relationships with MSSPs and oversee all Security Initiatives. You will serve as the escalation point and cyber security authority for security tickets and requests from the business.
Reporting directly to the CIO, you will be part of the Senior IT Leadership team.
Responsibilities:
Security Program Delivery
1. Develop and present Strategic Roadmaps for Global Security Capabilities to the Executive Board.
2. Execute Cyber Security projects and initiatives aligned with Group and IT Strategy.
3. Oversee the Group Security Budget, including annual budgeting and quarterly forecasting.
4. Manage relationships with external partners, including contract negotiations.
5. Engage with key internal stakeholders, providing updates on the progress of key projects.
6. Integrate newly acquired businesses into our Group-wide security applications.
Incident Response
7. Respond to Cyber Security incidents, acting as the Incident Manager in accordance with Incident Response Protocols and working with relevant parties to resolve issues.
Cyber Security Governance / Risk / Compliance
8. Identify and assess security risks across the technology estate and support Divisional IT teams in mitigating those risks. Report remediation activities and status to senior leadership.
9. Collaborate with global IT Teams to address gaps against Group Information Security Policy, ensuring action plans are in place and monitored.
10. Report metrics to IT Divisional leadership on control effectiveness.
Cyber Security Operations
11. Monitor all security solutions for effective and appropriate operations, including firewalls, email/web filtering, endpoint detection, and asset and vulnerability management tools.
12. Ensure staff training programs are in place to maintain high levels of cyber security awareness.
13. Act as a security authority for third-party audits and internal IT projects.
14. Collaborate with data protection colleagues on GDPR and data security matters.
15. Line manage the team (1 Security Analyst, 1 Security Specialist), providing support, training, personal development plans, and conducting 1-2-1 reviews.
Key Upcoming Projects
16. Assist in developing a new zero-trust WAN solution to support the business, enhance security, and simplify the on-boarding of acquired entities.
17. Advise on Cyber Security OT requirements to support the restructuring of the UK & Ireland manufacturing footprint and the construction of new manufacturing facilities.
Essential Experience and Skills
18. Minimum of 5 years’ experience in a Cyber Security management role.
19. Hands-on experience across various security stacks, including Incident Response (IR), Endpoint Detection and Response (EDR), Vulnerability Management, Security Information and Event Management (SIEM), patching, email security, web security, firewalls, cloud security, application security, and Operational Technology (OT) security.
20. Proven ability to communicate strategic vision, ensuring the security stack is cost-effective, purpose-fit, and aligned with business and IT objectives.
21. Experience in Incident Response and Incident Management.
22. Exceptional communication and leadership skills with the ability to clearly articulate security objectives to business leadership.
23. Demonstrated ability to create strategic roadmaps and deliver projects within timelines and budgets.
24. Relevant Cyber Security certifications such as CISM, CISSP, or GAIC.
Key Competencies
25. Ability to operate effectively with minimal supervision and a high level of responsibility.
26. Capability to prioritize workloads and achieve objectives.
27. Commitment to providing high-quality customer service and managing key stakeholder relationships.
28. Ability to work under pressure and meet tight deadlines.
29. Enthusiastic, can-do attitude.
30. Team player who engages with peers and management, sharing workloads and collaborating effectively.