Chief Information Security Officer
The role of CISO will be focused on ensuring that the UK&I business is managing its security services and developing policies and practices that will protect the business-critical data. In addition to the proactive protection of our systems, the CISO will also be involved in preparedness for, and leading within, any cyber security breaches within the organisation, working hand in hand with our data protection officer and compliance teams to ensure the impact of any attack is managed.
This role needs to maintain an understanding of, and respond to, market dynamics, articulating these along with any competitive intelligence back into the organisation to help with product development as well as improving our internal security posture.
A key aspect will be the drive of security culture, not just across the organisation but also the culture of the security teams themselves. This role needs to be an enabler for risk-informed business growth.
The CISO will provide pivotal insight across corporate and industry engagement, client delivery, and internal systems, services and behaviours.
Location: Home-based with travel. Candidate must be UK-based and is expected to travel to various UK sites.
Key Responsibilities
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program for the UK&I organisation
- Provide in-depth security and risk reporting, demonstrating a clear ROI against security investments
- Work directly with the business units to facilitate risk assessment and risk management processes
- Develop and enhance an information security management framework
- Understand and interact with related disciplines through committees to ensure the development and consistent application of policies and standards across all technology projects, systems and services
- Act within the design assurance process, ensuring resilience is built by default
- Provide leadership to the enterprise's information security organisation
- Partner with business stakeholders across the company to raise awareness of risk management concerns
- Act as Telefonica Tech UK&I representative into key industry and regulatory bodies such as the National Cyber Security Centre and ICO
- Develop and present security performance metrics, driving awareness of maturity and security posture
- Develop a culture of consistent and effective security awareness, being the embodiment of that culture
- Lead on the of incident response plans including regular testing and improvement plans
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
- Drive the integration into the wider Telefónica security policies and procedures
- Deliver quantifiable security risk insights into the UK management board, informing risk decisions
- Work with the Cyber security customer-focused teams to help develop security products and services
- Promote thought leadership through marketing channels to the industry to raise Telefónica's security visibility and presence in the market
Skills & Experience
- Experience in a CISO level role or equivalent within a commercially oriented organisation
- Knowledge of common information security management frameworks such as ISO/IEC 27001, MITRE ATT&CK and NIST
- Knowledge and experience across multiple technological constructs such as Cloud, DevOps, As-a-Service offerings, data and ideally AI
- Experience in security risk management and reporting at an executive level
- Excellent written and verbal communication
- Policy development and administration skills
- Supervisory and incident management skills
- Innovative thinking and leadership with an ability to lead, influence and motivate cross-functional, interdisciplinary teams
- Collaborative approach with a propensity for fostering strategic relationships across the business
- Expert knowledge of regulation and compliance standards
- Proven problem-solving mentality, leveraging internal and/or external resources
Key Words:
CISO Chief Information Security Officer Cyber Security ISO 27001 InfoSec Security Cyber Leader
Additional Information:
We don't believe hiring is a tick box exercise, so if you feel that you don't match the job description 100% but would still be a great fit for the role, please get in touch.
Remote Work:
Yes
Employment Type:
Full-time