Head of InfoSec
Why join Photobox Group Security?
PhotoBox Group Security is a trusted, high energy, empowered and proactive team. If you are looking for a place to make a difference, apply your security knowledge, learn a lot, be part of a highly productive team, and are able to work collaboratively with all parts of the business, this is the place for you.
We have a great culture, with a very horizontal structure. We expect you to be knowledgeable, trustworthy, empowered, friendly, focused and responsible.
Our mission is to secure the magic moments created by our customers, across all our brands. Our operating principles define what we focus on and how we make decisions. We hold ourselves accountable against these principles.
1. We are enablers for the organisation, not a bottleneck
2. We drive transparency and accountability in risk management
3. We minimise vulnerabilities
4. We hack ourselves first
5. We educate and empower our internal stakeholders and developers
6: We contribute to adding financial value.
As the Head of Infosec you will support the CISO with the management of the Group Security function, including all information systems related to customers, product, factory, compliance, audit, physical and staff security.
You will be responsible for the driving the Group’s enterprise security and risk management vision, strategy and program to ensure protection of information assets and technologies. Creating an accountable, information security-conscious culture and a system security architecture built on high quality standards, as well as regular status monitoring and quality reporting activities.
What will you do?
- Consulting, approval and/or validation of existing business strategic directions and investment plans as they relate to protection of systems and data
- Get the big information security risk management picture including third parties, service providers and integrating with internal control, compliance and risk management functions
- Setting strategic direction
- Information privacy and protection of Personally Identifiable Information (PII) of customers and employees
- Management of IT investigations, digital forensics, e-discovery, breach response and reaction plan responsibilities
- Information Risk Management standards and practical application using recognised standards (ISO, NIST, etc.)
- Information Security Management System (ISMS) designed to ensure comprehensive and documented assurance relevant to the organisations
- Representing the Group as the authority for security and controls to clients and customers, partners, competitors, auditors, regulators and internal stakeholders
- Line management of sub-teams within the group security team
- Liaising with brands under Photobox group to support security and compliance processes
- Supporting the creation of KPIs for OKR setting
- Ensuring recurring processes are documented, recorded and evidenced by relevant teams/staff
- Presenting to SMT/Exec on security related concerns/developments on a regular basis
Who are you?
- Strong Technical knowledge
- Excelent satkeholder management and comunication skill with ability to present and engage at C-Level
- Experience in Strategic consulting
- Singnificant InfoSec experience working as Lead /Head of within a 1000+FTE Enterprise
- Strong knowledge of secure engineering principles
- Calm under pressure
- Significant experience in multiple areas of Technology and Security (wide knowledge set required)