Chief Information Security Officer Job Description

To deal with the increasing information security challenges of the environment that the company operates in, particularly the increased use of third parties in providing services to the company, and the migration from analogue to digital technologies.
 
The post-holder will take a lead on forming and shaping, within recommendations and budget set by a recent independent review.
 
The post holder will be an effective senior manager and team player with the ability to motivate people and manage performance. They will demonstrate personal commitment and accountability to ensure standards are continuously sustained and improved both within the internal teams, partner organisations and suppliers, including outsourced technology partners.
 
The CISO serves as the senior management owner for all ongoing activities that provide access to and protect the confidentiality and integrity of customer, employee and commercially sensitive information in compliance with policies and standards.

 Responsibilities include the following:
 
1. Accountable for the development, implementation and monitoring of a strategic, comprehensive enterprise information security programme to ensure the availability, integrity and confidentiality of information owned, controlled or processed by the company.
2. Accountable for the IS incident response process. Ensure it is aligned to the business continuity incident management process, and has the necessary interaction with suppliers.
3. Coordinate the activities of the IS Advisory Group.
4. Review and approval of the IS implications of the technology investments.

5. Act as the lead representative for enquiries from customers, partners, and the general public regarding the organisation’s approach to IS.
6. Accountable for the development and management of the IS budget.
7. Ensure management information reports from the IS meetings with suppliers highlight key risks and action plans and report to senior management through the relevant IS governance forum.
8. Manage relationships with IS leaders across company divisions.

Required Skills and Experience
 
The ideal candidate will have an excellent performance record and have demonstrable experience, skills and abilities in the following areas;

  * Excellent communication skills
  * Strong stakeholder management and influencing skills
  * Strong leadership skills
  * Ownership of issues through to resolution
  * Developing positive working relationships with a wide range of internal and external people
  * High level change management abilities
  * Prioritising work to meet demands of role

Essential
 
· Experienced information security professional with industry-recognised credibility: i.e.significant experience in Information Security management within large or blue chip organisations, preferably in the Media Sector or other creative industry
· In-depth understanding of the technologies and architectures supporting information security protection
· Proven track record of operating in time critical, diverse corporate environments
· Extensive practical experience developing/publishing/maintaining controls and policies for complex organisations
· Proven history managing successful high performing teams, budgets and service demand
· Ability to set strategic direction and lead programmes of change
· Highly effective and creative problem-solving skills.
 
Desirable
 
· Practical experience implementing/managing ISO/IEC 27000 series standards within complex organisations
· History of operating/participating within recognised industry standards committees, working groups and security forums
· Experience of work in or with large scale outsource providers
· Conversant in Information Technology Infrastructure Library (ITIL) processes, procedures, and roles Qualifications
· Information Security specific qualifications: CISSP, CISM (desirable)
· MSc/PhD - Information Security/Risk Management or equivalent(desirable)
· Relevant management qualifications (desirable)
· Relevant experience ‘on the job’ (essential)

free-job-descriptions.com provides a free database of job descriptions. Whether you are writing a job description, need to better understand a job, or are thinking abut your career, free-job-descriptions.com is for you

Chief Information Security Officer Job Description