At a Glance
- Tasks: Lead and shape our Information Security objectives while managing a dynamic team.
- Company: Join a forward-thinking company focused on innovative security solutions.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Other info: Collaborative environment with a focus on continuous improvement and innovation.
- Why this job: Make a real impact in the evolving field of Information Security.
- Qualifications: Experience in cyber security and strong leadership skills required.
The predicted salary is between £80,000 and £100,000 per year.
Requirements
- Deep understanding and knowledge of cyber security principles, security standards and regulatory compliance, and their application in a wide variety of organisations with a strong risk culture.
- Experience in a business facing security role, ideally in an Information Security Director, BISO, CISO or similar capacity.
- Strong business acumen and commercial awareness with previous experience in a senior client-facing role or similar.
- Be a self-starter / self-motivated with the ability to lead, inspire and drive change through an organisation.
- Have the ability to be pragmatic while balancing the needs of Engine against security.
- Ability to work with a variety of stakeholders across all levels and to adapt communication style to different stakeholders.
- Have an ability to think and plan strategically and systematically while recognising the need to deliver to the business requirements.
- Have previous experience working in a complex IT organisation encompassing service delivery, application development and IT infrastructure.
- An understanding of best practice within Information Security and risk management including standards such as ISO 27001, NIST, Cyber Essentials and COBIT.
- An understanding of legislation and regulations that impact Information Security, e.g. Data Protection Act and GDPR, Freedom of Information Act, PCI DSS.
- Have previous experience in leading, developing and motivating a team of subject matter experts.
- An understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats.
- A good practical knowledge of security technologies and wider business solutions including Identity and access management, SIEM, remote working and cloud technologies.
- Experience of working in a banking or financial services environment would be beneficial.
- ISC2 CISSP or ISACA CISM, ISACA CRISC, CISA or Open FAIR qualifications would be beneficial.
What the job involves
- This role will shape our Security objectives, practices and associated policies and processes within Engine as well as lead the continuous improvement of our Information Security capabilities whilst managing a growing Information Security Team.
- The successful candidate will act as the liaison between Engine and Starling Bank’s Information Security teams whilst also ensuring that they are the point of contact for all Information Security related questions raised by Engine clients and our auditors.
- We’re looking for a curious, versatile, adaptable and experienced information security or cyber specialist with executive presence and strong leadership skills who enjoys the challenge of a varied and collaborative role.
- You’ll enjoy problem solving, working with a wide variety of stakeholders, and enabling us to be creative in continuing to provide innovative products and services to support our clients, and stay at the forefront of all things Information Security.
- Manage and maintain the Information Security Policy and Information Security Management System to ensure it meets the needs of Engine, its clients, employees and other stakeholders and compliance with the relevant industry standards, regulatory and certification requirements such as ISO 27001.
- Oversee Engine’s Information Security governance documents (processes, standards and procedures) and optimise reporting of identified threats and vulnerabilities.
- Oversee the process for obtaining and maintaining compliance certifications and accreditations including but not limited to ISO 27001, SOC 1, SOC 2 and PCI DSS/3DS through engagement with internal teams and our external auditors.
- Maintain the Information Security Risk Register; identifying, assessing and mitigating information security risks (including security risks related to third-parties and partners) and ensuring coherence with Engine’s Risk Management framework.
- Act as a point of contact for all Information Security related client queries and issues; providing expert opinion and communication during initial client conversations, RFPs, RFIs, delivery and throughout the client lifecycle.
- Act as an Information Security point of contact for Business Continuity Planning and Disaster Recovery; this includes responsibility for initiation and execution of cyber business impact analysis.
- Advise the wider organisation on compliance and governance requirements.
- Oversee Incident Response related to Information Security and ensure coherence and collaboration with the broader Technology response capability.
- Liaise with external bodies and organisations to keep abreast of the threat landscape, emerging trends, technologies and legislation that have an impact on Information Security.
- Assist as necessary to investigate security breaches and pursue associated disciplinary and legal matters.
- Lead and manage a team of subject matter experts to ensure Information Security is managed effectively throughout the IT service delivery lifecycle, addressing client needs.
- Promote security awareness by collaborating with the relevant teams to provide training and awareness to the wider Engine organisation.
You may be put off applying for a role because you don't tick every box. Forget that! While we can’t accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren’t sure if you're 100% there yet, get in touch anyway.
Strategic Information Security Leader employer: Engine by Starling
At Engine, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. Our commitment to employee growth is evident through continuous learning opportunities and a supportive environment where your contributions are valued. Located in a vibrant area, we provide a unique chance to work at the forefront of Information Security while enjoying a flexible approach to work-life balance.
StudySmarter Expert Advice🤫
We think this is how you could land Strategic Information Security Leader
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their security practices and be ready to discuss how your experience aligns with their needs. Tailor your responses to show that you’re not just a fit for the role, but also for the team.
✨Tip Number 3
Showcase your leadership skills! In your conversations, highlight instances where you've led teams or driven change. Companies are looking for someone who can inspire and motivate others, so don’t hold back on sharing your success stories.
✨Tip Number 4
Don’t hesitate to apply through our website! Even if you feel you don’t meet every single requirement, we value enthusiasm and potential. If you’re excited about the role, go for it – we’d love to hear from you!
Some tips for your application 🫡
Show Your Cyber Security Passion: When you're writing your application, let your enthusiasm for cyber security shine through! Share specific examples of how you've applied your knowledge in previous roles, especially in business-facing positions. We love seeing candidates who are genuinely excited about the field.
Tailor Your Application: Make sure to customise your application to highlight your experience with security standards and regulatory compliance. Mention any relevant qualifications like CISSP or CISM, and relate them to the job description. This helps us see how you fit into our team!
Be Clear and Concise: We appreciate a straightforward approach! Keep your application clear and to the point, focusing on your leadership skills and ability to drive change. Use bullet points if it helps make your achievements stand out – we want to see what you can bring to the table!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at StudySmarter!
How to prepare for a job interview at Engine by Starling
✨Know Your Cyber Security Stuff
Make sure you brush up on your knowledge of cyber security principles and standards like ISO 27001 and NIST. Be ready to discuss how these apply in real-world scenarios, especially in a banking or financial services context.
✨Show Off Your Leadership Skills
Prepare examples that showcase your ability to lead and inspire teams. Think about times when you've driven change or motivated a group of experts to tackle complex security challenges.
✨Tailor Your Communication Style
Practice adapting your communication for different stakeholders. Whether you're talking to technical teams or non-technical clients, being able to switch your style will demonstrate your versatility and business acumen.
✨Be Ready to Problem Solve
Expect scenario-based questions where you'll need to think on your feet. Prepare to discuss how you would handle specific security threats or compliance issues, showing your strategic thinking and practical knowledge.