Head of Security Risk and Governance

Cardiff

Full time

Closing date

19/06/2021

About the job

This vacancy has now expired. Please see similar roles below...

Introduction

We have a security leadership role to fill within our Information Security Department: The Head of Security Risk and Governance role is a senior information security management position in the organisation, responsible for ensuring that information security risk is accurately measured, understood, communicated and treated across the organisation.

Location: We are open to discussion around remote working possibilities (UK only)

About the team

The Security Risk and Governance organisation is split into three teams – the Governance and Compliance team, the Risk and Consulting team and the Technical Assurance and Oversight Team. The SRG organisation has been improving its level of maturity and now requires an experienced information security leader to build on solid foundations and continue to deliver improvements.

Job Purpose

This role is responsible for delivery of all information security governance, risk and vulnerability management, technology change assurance and compliance requirements for the Admiral UK Insurance business (EUI).

The Head of SRG will ensure that all members of the SRG team are carrying out their roles in line with their job descriptions and that all security risks are measured, reported and treated in an appropriate way.

They will also be responsible for setting the development of information security standards with other members of the Security Leadership Team and will be expected to lead the governance and risk management discussions with reference to organisational context and up-to-date threat information.

Main Duties

The Head of Security Risk and Governance will:

  • establish information security roles and responsibilities for Admiral UK Insurance employees and third-party stakeholders
  • be responsible for the overall operation and management of risk management processes, including supply chain risk management and contract security schedules
  • maintain a current understanding of the vulnerability and risk exposure of the organisation
  • support new business and IT initiatives by providing expert security consultancy at all levels of delivery, supporting Admiral’s Agile Framework
  • ensure compliance with Admiral’s legal and regulatory information security obligations, maintaining focus on FCA and PRA requirements
  • translate technical risks into meaningful business information with comprehensible and proportionate risk treatment instructions
  • schedule periodic and ad hoc technical and non-technical security audits, providing oversight and approval of remediation initiatives
  • establish and communicate priorities for the organisational mission, objectives and activities, and set cybersecurity policy
  • ensure that Admiral’s Security Risk and Governance organisation is appropriately resourced with certified practitioners maintaining their skillsets

Experience and Qualifications Required

The Head of SRG will be an experienced information security leader, well versed in managing information risk from C-Level through to technology delivery and support teams, familiar with industry-recognised information security control sets and risk management methodologies, and able to structure these into governance frameworks.

Essential skills

  • Experience in delivering enterprise security architectures
  • Demonstrable track record in delivering effective information security management improvement initiatives in large corporate environments
  • Proven experience of creating effective risk management frameworks with evidence of improved information security posture
  • Strong focus on governance, risk and compliance
  • Technical knowledge of security, with the ability to demonstrate practical application of controls
  • Strong attention to detail, with excellent analytical skills
  • Ability to communicate constructively and confidently and work well with others

Desirable

  • Degree in a technical discipline
  • CRISC, CISM or CISSP

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're voted no. 3 in the 2020 Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so we accommodate flexible hours wherever possible.

You can also view some of our other key benefits here: https://admiraljobs.co.uk/employee-benefits/

If you think this role is for you and would like to be considered for this opportunity, please click “apply now” to complete an online application form.

Our Benefits

As one of our four pillars to our culture, Reward and Recognition is extremely important. We believe that happy staff make happy customers, so we have a huge range of great benefits to make sure everybody has something to smile about! Here are a few of our more popular ones.

  • Share Schemes
  • Flexible Working
  • Local Discounts
  • Travel Season Ticket loans
  • Groups & Societies
  • Development Opportunities
