We’re Hiring: Head of Security
Head of Security
Location: London
Reporting to: Group CEO
The Role:
As a member of the Conosco Leadership Team, the primary role of the Head of Security is to oversee both the UK-based consulting capability and the South Africa-based SOC teams, and to manage the Conosco Security Division (CSD) as a whole. The role also defines and creates the CSD B2B service offerings and departmental documentation and procedures, drives the growth of CSD revenue and capability (both technical and resource), and champions information security internally to Conosco, the Group, and its clients.
Job Responsibilities
- Plan and execute the growth strategy for the CSD, including marketing and sales-related responsibilities
- Oversee the planning, QA and delivery of CSD consulting work to clients and prospects
- Deliver services to clients including ISO27001 implementation and audits, general security audit and consulting services, and technical security incident investigations
- Review and implement the creation of additional CSD capabilities and offerings across both Consulting and Security Operations Centre (SOC) workstreams
- Manage Conosco’s internal security monitoring, vulnerability posture and information protection
- Plan and deliver Information Security awareness training, and champion Information and Cyber Security within Conosco and for our clients
- Ultimate responsibility for Conosco’s ISO 27001 ISMS and GDPR compliance
- Be the Security Subject Matter Expert for Conosco and wider Tosca Group
- Lead the Conosco Security Division to meet its objectives and KPIs
Job Duties
- Reporting on Conosco’s ISMS and security posture to the Group CEO and Leadership Team
- Leading regular CSD team meetings
- Participate in regular client meetings as required to represent the CSD and sell services
- Provide technical and best practice security advice to clients, fulfilling the role of technical account manager for security matters, and be a virtual CISO for clients
- Maintain and grow a broad network of contacts, including hosting events to increase the CSD’s exposure
- Ensure the security and compliance of Conosco, and our clients
- Grow the Security Division (team, capability, quality, efficiency, revenue)
- Regular travel to/from UK and South Africa
Qualifications
The successful candidate will be expected to have a strong technical, networking and support-related background as well as information and cyber security-related experience, along with associated industry-standard certifications. B2B experience across a broad set of industry verticals, from smaller SMEs to mid-market enterprises, is essential.
Technical
- ISO 27001:2013 Lead Auditor
- ISO 27001:2013 Lead Implementer
- ISO 9001:2015 Internal Auditor
- GDPR Data Protection Officer
- EC Council Certified Ethical Hacker
- CompTIA Security+
- CCNP level networking certification, or equivalent
- CCNA Security or Design certification
- Microsoft certifications, or similar technical certifications
- ISACA CISM
Soft skills
- Exceptional interpersonal communication, ability to communicate at a business strategy level with C-Suite executives and at a technical level with engineers
- Well presented for client-facing engagements, possessing gravitas and confidence when engaging with clients
- Excellent written communication skills, able to write documentation for all levels of business, from executive summaries to forensic incident investigation reports
- Possessing an understanding of business management and strategy, as well as financial, marketing and sales ability
- Knowledge of international legal and compliance requirements across data protection and information security
- Understanding of global Security trends and developments, and the implications of international InfoSec and CyberSec developments
- Demonstrable history of good job performance
Professional membership of at least 2 international InfoSec related bodies.
Desirable Experience
Exposure to and understanding of business strategy is vital to leading a division, including understanding of financial considerations and planning, and the marketing and sales of service offerings to clients.
- At least 12 years in technical networking and support roles
- At least 2 years in a Security role
- Previous Senior Management experience
- Experience leading geographically dispersed teams
- Experience delivering consulting work to multiple clients
- Experience with forensic incident investigation
- Experience implementing and managing ISO 27001:2013 ISMSs
- Experience implementing PCI DSS
- Experience implementing GDPR related controls for compliance, and performing DPO tasks
- Experience implementing and operating SIEM platforms
- Experience interpreting and remediating vulnerability scan and penetration test findings