Head of Security Posture Management
Recruitment Agency Reference: 7110430
A position has arisen to join a leading telecommunications company as a Head of Security Posture Management.
IR35 Status: Inside
Location: Reading – occasional site visit to Reading
Duration: 3 months initially
Duties will include:
-
Develop holistic solutions that protect enterprise applications and data from unauthorised access, use, disclosure, modification, or change
-
Develop strategy and roadmap for security infrastructure components, including prevention/detection, data security, identity and access management, security event management
-
Be the focal point for security incident response planning, execution, and awareness. Respond to and troubleshoot security incidents, and provide on-call support
-
Identify and evaluate security gaps, and translate them capabilities
-
Work with Digital SLT, product owners, and other stakeholders to resource projects and manage the communication across all teams involved
-
Partner with product owners and tech teams on vulnerability assessments, analysing vulnerabilities, determining severity, recommending remediation paths, eliminating, or mitigating security gaps
-
Work with product owners and tech teams to ensure security controls are integrated in the environment and risks are reduced to the acceptable level
-
Maintain a current understanding of the security threat landscape. Research and review latest technologies and trends
-
Lead intake of new security initiatives: ensure scope is well understood and signed-off from Change Board and Architecture Review Board, create achievements, and hold teams accountable
-
Balance your workload to deliver the highest priority items while setting expectations proactively with your partners of what won’t get done
Specific Knowledge & Experience:
-
Security and software engineering experience focusing on aspects in the design of systems that manage and mitigate security, privacy, and digital risk
-
SANS GIAC, CISSP, CISM or CCSP certified with over 7 years of leadership experience in security/privacy
-
Experience in leading security, privacy, and engineering talent, mentoring their teams, and collaborating with stakeholders across an organisation
-
Expertise in all layers of the stack - hardware, endpoints, cloud services, and mobile apps
-
Experience with security and control frameworks (NIST CSF, ISO27001, CIS CSC 20, Mitre Att&ck) and experience mapping control frameworks to security practices
-
Familiar with applicable legal and regulatory requirements, including SOX, PCIDSS, GDPR
-
Excellent communication, presentation, interpersonal and analytical skills. Ability to communicate sophisticated concepts clearly and persuasively across different audiences and varying levels
To apply for this role, please contact Renay Demoore on the Reading Recruitment team on 0118 207 1212 or rdemoore@venngroup.com
Venn Group is an equal opportunities employment business and employment agency and welcomes applications from all candidates.