Thales protects 80% of the world’s banking transactions as well as safeguarding the biggest names in technology. We’re a leading force in cyber security, both in the UK and globally. And to keep our customers’ information and communications safe and secure in this constantly shifting, immensely challenging sector, we need to excel, evolve and invent. That’s why we only want to work with the brightest, most ambitious minds in our industry. That’s why we want to work with you.|
World-leading cyber security business Thales e-Security is seeking a talented Security professional to join us in securing some of the world’s most valuable information. Based in central Cambridge near the railway station, the business provides vital, trusted crypto security systems to companies all over the world and is responsible for protecting more than 80% of worldwide payment transactions.
It’s an exciting time to be joining Thales e-Security because we have recently acquired Vormetric and together our activities enable organisations to protect and control their data from the data centre to the cloud, while strengthening their security posture and meeting data privacy compliance.
In this role you will own and manage global security activities related to the IT/IS security program for Thales e-Security (Tes). You will take the lead in the development of IT/IS TeS security policies/procedures and to ensure operational compliance.
In addition to this you will be knowledgeable of all main business fuctions and their requirements so that they may be supported by IT/IS in a manner that ensures required service levels while ensuring that appropriate security positions are adhered to.
Key Areas of Responsibility
The Chief Information Security Office will report to TeS Chief Operating Officer, providing visibility of risks/potential risks and recommend appropriate mitigations.
You will be a Lead in the development/adoption and enforcement of Information Security policies, procedures and standards for the global business.
- Policies: Administrative, Personnel, Safeguards, Technical, Transmission etc.
- Procedures: Compliance, Incident Processing, Testing etc.
- Mechanisms: Electronic Data protection at rest, in motion, in use
- Oversee and/or assist in performing on-going security monitoring and continuous improvement of information systems including risk assessment, gap analyses, new security capabilities assessments and recommendations
- Ensure TeS compliance to all applicable security requirements (internal and external)
- Establish and maintain processes to ensure that all users are trained to conduct themselves in a manner which ensures they fulfil their IT/IS security responsibilities.
- Act as the TeS central point of contact for all incidents, develop and deploy appropriate incident handling procedures and reporting
- Ensure that IT/IS security is addressed in the development/acquisition processes for information systems and associated products and services.
- Ensure TeS IT/IS systems have suitable DR and BCP processes and procedure in place
Technical Knowledge/Skills & Experience Required
- Background and skills/experience in ISSO
- Excellent written and verbal communication skills
- Self-reliant, completer- finisher with a pragmatic approach to Security
- Ability to operate effectively without direct supervision
- Ability to interact effectively with all areas and levels of the business
- Demonstrable experience in management of Security related projects
- Must have demonstrable experience with ensuring compliance to company-driven and regulatory drivers
- Experience in the security systems arena
- Formulating and managing complex projects
- Proficient in taking complex/technical subject matter and refining/presenting to the business at any level so as to result in understanding and appreciation
- Experienced in bringing all major stakeholders together so as to engender a collaborative , solution oriented culture
- Detailed knowledge of IT and security disciplines
- Degree required (or equivalent experience): MS preferred in Computer Science or related subject matter
- Professional certifications: Must have one or more of the following certifications CISSP, CISM, CISA, ISSAP or equivalent.
- Proactive - Develops practical solutions, takes ownership, has a ‘can do' rather than ‘won’t do’ approach
- Technically curious – Regards technology problems as challenges
- Teamwork - Connected to the business, communicates openly, shares information and knowledge, networks internally and externally, persuades rather than pushes, involves colleagues, respects colleagues
- Creative – Connects the technical dots with a goal of building customer value
- Responsive - Always reacts quickly and with a sense of urgency to requests, issues, e-mails or other events in a timely and flexible fashion