Listing Description
The Director of Information Security will carry out a pivotal role in ensuring the confidentiality, integrity and availability of Darktrace information and systems. You will lead a team of security professionals and collaborate with departments across Darktrace to ensure robust cyber security and information security standards and controls are maintained, and that there is an excellent level of information security awareness amongst employees. You will be an integral part of the company's focus on security risk. You will communicate at all levels of the business and work closely with the CISO to accurately measure security program performance.
In-depth security experience, strong leadership and the ability to work collaboratively with senior stakeholders, IT colleagues and others across Darktrace are essential.
Please note this is a hybrid role, with minimum expectations of 2 days a week in the Cambridge office.
Responsibilities include:
- Deliver the security program in line with defined KPIs, strategic objectives and operational projects.
- Be responsible for information security governance and security strategy delivery.
- Be accountable for security framework compliance, maintenance and upholding of internationally recognised information security certifications (e.g., ISO 27001, ISO 27018, Cyber Essentials). This includes the maintenance of information security policies and continuous improvement.
- Align and assess Darktrace internal processes and products to other recognised frameworks upon request, including SOC 2.
- Understand security architecture and data processing considerations when changes are made as part of information security business transformation projects. Engage with stakeholders to communicate potential business impact.
- Oversee third party information security assurance with support from VRM Management, to include management of security risks associated with our supply chain (e.g., vendors, software, partners) and prioritisation of security resources around critical suppliers.
- Strengthen data governance. Sensitive data and information assets should have necessary and proportionate security controls around them. Understand what data types and categories are processed where and ensure protections are in place.
- Provide business support for Darktrace users and customers around our internal security program and compliance requirements. Establish a sustainable level of business engagement to cater for sales requests and information security issues.
- Contribute to business-wide security awareness training, focusing on regulatory requirements, relevant threats to our industry vertical, as well as negative compliance trends identified internally.
- Provide incident management leadership. Work closely with other security leaders and department heads throughout all stages of the incident management lifecycle, including policies and planning, investigation and assessment, reporting and post-incident actions.
- Own information security risks business-wide, and be responsible for identification, evaluation, treatment and continuous monitoring. Be responsible for the remediation of security findings.
- Liaise with external / independent penetration testers to provide assurance around the security of externally facing products / services.
- Deliver management review to senior stakeholders and executives business-wide.
Candidate Requirements:
- The ideal applicant will have expert knowledge and understanding of security frameworks, including ISO 27001, ISO 27018 and SOC 2. (Essential)
- Knowledge of a broad range of technical controls, core security principles and security functions. (Essential)
- Hold either a CISSP, CISM or equivalent qualifications. (Essential)
- Strong understanding of security trends and technologies. (Essential)
- Ability to explain technical concepts in a language and at a level appropriate to the audience. (Essential)
- Excellent communication and interpersonal skills are essential as is the ability to explain technical concepts to both technical and non-technical audiences. (Essential)
Benefits we offer:
- Competitive base salary
- Discretionary bonus
- BUPA family healthcare
- Pension contribution
- Life insurance
- Other benefits include employee assistance programme, cycle to work scheme, matched charitable giving, employee assistance scheme, free fruit and regular social events.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided