Head of Security and Compliance

  • Term: Permanent
  • Location: London, UK
  • Salary: £85,000
  • Job Reference: R/045307

London – £75-85k

The Head of Security and Compliance will ensure that external regulations and standards are adhered to from a technical perspective (including data security, information security, data loss prevention, applications and infrastructure platforms) and that the correct processes and documentation are in place globally for this large media company.

Global leadership

– Act as the global knowledge expert, key project, client and RFP / RFQ contact and thought leader for Security, Compliance, Data Protection (S, C & DP) and BCP / DR

– Set the global S, C & DP agenda

– Identify and provide leadership for local S, C & DP resources

– Maintain effective communications and interaction with the WPP S, C & DP leadership team

– Manage internal change control meetings with teams

Knowledge management and communication

– Develop and deliver appropriate security, compliance and data protection training, awareness and updates

– Provide assurance to clients through Information Security compliance programmes and provide relevant information when needed

Audit

– Perform Information security audits for Third Party suppliers

– Ensure that the necessary controls are established and maintained for audit compliance

– Drive internal and external audit activities to coordinate resources and to track remediation actions identified through to successful conclusion

Monitoring

– Establish and maintain global initiatives to review third party monitoring and coordinate meetings between all impacted departments

Penetration and integrity testing

– Assist with, maintain and oversee the security posture of in-house applications through regular testing (i.e. penetration testing and vulnerability scanning) and follow up on the remediation actions for the issues identified

– Investigate security gaps, then initiate and take ownership of the delivery of remediation activities for all identified issues

Cybersecurity

– Maintain working knowledge and provide ongoing guidance and expertise in regulatory and industry developments relating to Cybersecurity threats

Event management

– Escalate security, compliance and data protection issues to the Security team where necessary

– Oversee security incident investigations and responses to external threats

BCP / DR

– Define, maintain and communicate the global BCP / DR plan

– Coordinate the definition and maintenance of regional plans

– Manage inter-region incident communications

Data Protection

– Act as data privacy advisor for all privacy-related matters

– Act as the Data Protection Officer, including responsibility for relevant regulatory responses including:

– informing Hogarth on the GDPR compliance obligations

– monitoring compliance with the GDPR

– acting as the first point of contact, responding to questions and issues raised

Requirements

– Experienced in Risk and Vulnerability (Nessus) Assessments and Penetration testing

– Previous exposure to Business Continuity Planning

– Understanding of network security design, implementation and support, and network security skills with firewalls, VPN, IDS/IPS, anti-virus and HIDS

– Knowledge and experience of Windows and Linux environments

– Knowledge of web technologies, including web servers and load-balancing environments

– Knowledge of PKI (Public Key Infrastructure)

– Experienced in planning, developing and implementing security policies

– Awareness of ISO 27001

– Knowledge of firewalls and network configurations

– Awareness of relevant EU directives and GDPR regulations

– Relevant Audit, Compliance and Data Protection certifications
