CISO - IT Managed Services
CISO - Chief Information Security Officer
A FTSE 250 PLC rooted in core European countries, Computacenter combines global reach with local expertise. We operate Infrastructure Operations Centres and Group Service Desks across Europe, South Africa and Asia from which our employees provide user support in 18 languages. Customers with global requirements are served through an extensive international partner network, which mirrors the requirements of our European-headquartered client base.
Group Information Assurance mission statement:
“Our mission is to secure the information assets of Computacenter and its customers 24/7 and globally, through best practice and industry-recognised standards whilst maintaining an economical pricing model.”
“Our strategic aim is to maintain and continually improve Computacenter Group security posture, governance and control framework, aligning to industry standards and best practice and ensuring it is effectively communicated and understood by our stakeholders. Working closely with the business and customers to provide guidance and leadership on security matters with the aim of reducing the impact of security risk, events and breaches enabling Computacenter to be a trusted partner.”
“Our value is the ability to understand and decipher the ever-changing cyber and data security landscape and present in a clear and articulate manner for our partners, customers and employees; enabling employees to protect themselves, our customers and our partners.”
You will have day-to-day responsibility for all aspects of Protective Security (Physical, Information and Personnel), ensuring that appropriate levels of security are in place across the organisation. The role will be responsible for coordinating security-related matters including GDPR, assessing risk, and drafting and delivering information security assurance within the UK, aligned with current HMG Standards and Guidelines as well as compliance with industry best practices.
The successful candidate will be an experienced Chief Information Security Officer with excellent communication skills and the ability to influence and educate senior management on Cyber Security threats.
The successful candidate should have a pragmatic view on how to apply a Security Framework to an enterprise business. You will take responsibility for the execution of any strategy and be able to demonstrate this skill.
The Group Information Assurance function (GIA) provides our organisation with information security strategy, policy, standards, risk assessments, management processes and technology to ensure that information assets are adequately protected with acceptable levels of controls. These controls enable the businesses to operate efficiently, cost-effectively and in compliance with regulatory and industry practices.
GIA already has a number of the constituent components of the CISO function in place, which means we are not a "greenfield" opportunity for a CISO.
- Proven CISO skills
- Pragmatic approach (security by design, what does good look like)
- ISMS framework, GDPR (knowledge/exposure - this function is owned by DPO/Group legal)
You will come from a strong stakeholder management and information assurance risk background and have a proven track record of delivering high-level business objectives, ideally within an IT Managed Services environment.
The Ideal Candidate
Key Objectives of the role:
- End to end IT Security
- Information management and Data Protection
- ISO9001 and ISO27001 Accreditation
- Risk management and reporting from local risk registers
- Training and development of IT security and Information Management awareness
- Prepare for strategic challenges facing the business, including the General Data Protection Regulation
- Advisory to the Executive team on all security-related matters
- Develop and maintain relationships with senior stakeholders
- Oversight and accountability for service quality of the Vetting service
- Excellent interpersonal and communication skills
- Strong enterprise risk management experience
- Experienced in taking an Organisation through to ISO 27001 Certification
- A clear understanding of UK Government Security Frameworks including the Security Policy Framework and CESG Good Practice guidance
- A clear understanding of the Data Protection Act 1998
- Experienced in Risk Assessment methodologies such as IRAM, CRAMM and IS1&2
- Overall responsibility for all Information Assurance and Security
- Responsible for GDPR awareness
- Maintain awareness of current threats and business risks and be able to clearly articulate these to Senior Management.
- Managing the Security relationships
- Leading the Security Architecture strategy
- Managing, updating and publishing technical security policies, standards and processes
- Managing Security Governance Boards
- Act as the final point of issue escalation on all Security matters
- Provide support and leadership on all audit and remediation activities
- Maintain awareness of new and upcoming changes to external security policies, standards, laws or new vulnerabilities that may impact the client
- Performance management and development of security resource
The successful candidate will have attained at least three of the following certifications:
- CCP SIRA
- Ex CLAS or Certified Cyber Security Consultancy
Highly Competitive Package
About the Company
We advise customers on their IT strategy; implement the most appropriate technology from a wide range of leading vendors and manage their technology infrastructures on their behalf. At every stage we make our customers’ businesses sharper by removing cost, complexity and barriers to change across their IT infrastructures.
Our corporate and government clients are served by offices across the UK, Germany, France, the Benelux countries, Spain and South Africa. We also serve our customers’ global requirements through our extensive partner network.
Key facts about Computacenter
Computacenter is Europe’s leading independent provider of IT infrastructure services & solutions
Our focus is on corporate and government organisations, typically of 500 to 10,000 employees, and large enterprises of 10,000 or more employees.
Over 12,000 staff are employed across the Group. 2016 adjusted profit before tax was £86.4 million. Revenues were £3.25 billion.
Over 70% of Computacenter’s Group revenue comes from services, software, and sales of enterprise products such as servers and connectivity/networking technology
Achieve great things - for yourself, our customers and our business
At Computacenter we win together by making sure all our people have the autonomy to get things done and to find excellent solutions for our customers.