Head of Information Security Engagement

**Overview**
- Reporting to the Chief Information Security Officer, the Head of Information Security Engagement will lead a team of technical and advisory experts to evaluate, design, build, and support security tools and services for Link Group. The role will assist in the execution of the Information Security strategy by aligning business and security outcomes through expert advice and early engagement. This senior leadership role requires passion, vision and drive and will act as a respected strategic advisor for the business’ within Link Group, guiding internal and external stakeholders on information security best practices, cyber security, identity access management, governance, risk and compliance, security operations, vendor management, threat modelling, and vulnerability remediation within a hybrid cloud and on-premise technology environment globally.**Key Accountabilities and main responsibilities**
- Strategic Focus
- Act as the interface between Information Security and the Business from both a delivery and operational perspective.
- Act as a conduit between the Information Security team and clients via the current CRM network.
- Build a consistent trusted relationship with the Business senior leadership relation to information security.
- Support the development of Information Security strategies to enable Business and Client outcomes.
- Support the CISO in the development of the overall information security strategy and roadmap.
- Provide expert advice to business leaders to ensure information security risks are understood and mitigated where possible.
- Work with Technology leaders to define Information Security inputs for technology roadmaps.
- Build a roadmap and implement effective information security awareness including developing communications and actively promoting related campaigns across Link Group.
- Operational Management
- Increase delivery, consistence, visibility and awareness of information security services and advice.
- Provide security tooling and support aligned to strategy and SLAs in an efficient and easy to engage manner.
- Represent Information Security at relevant business risk and governance forums.
- Ensure that the business and technology teams are aware of and comply with all relevant regulations within the various jurisdictions they operate in.
- Provide balanced advice to key stakeholders and project resources which aligns with International Information Security frameworks and reduces the risk of control weaknesses being introduced by projects.
- People Leadership
- Lead and mentor a team of technical and advisory experts to evaluate, architect, implement, and support security tools and services for Link Group and execute on the global Information Security strategy while encouraging professional growth and development.
- Governance & Risk
- Act as the Interface between the Information Security Governance Risk and Compliance team and the business on control design and control effectiveness as well as special projects from a strategy alignment perspective.
- Manage risks associated with information security that the business and/or clients.
- Provide information security advice and input in relation to pre-sales activities.

**Experience & Personal Attributes**
- Qualifications/ Experience/Capabilities Required
- Thorough understanding of information security operations and governance concepts and current best practices, techniques, processes, and technologies
- Strong experience working with control frameworks (e.g., ISO27001, NIST, CPS234, COBIT)
- Extensive experience with security technologies including Intrusion Detection, Anti-virus/anti-malware, Database Activity Monitoring, Data Loss Prevention, Penetration Testing, Firewalls & Security Log management tools.
- Ability to examine complex security problems and identify key risks, issues, trends, and patterns.
- A sound knowledge of security best practice controls and control frameworks.
- Ability to evaluate security requirements within the context of a fast-paced environment to define pragmatic solutions.
- Ability to work in high pressure situations and follow processes and procedures with accuracy and attention to detail.
- Minimum 5+ years’ experience in security operations, IT governance or project management role with a focus on Information Security.
- Well-developed communication skills, including a level of written communication and reporting skills necessary to describe complex issues and actions clearly and concisely.
- Knowledge of enterprise risk frameworks and best practice risk management processes
- Experience managing a team and capacity planning of technical resources.
- Exposure to a large financial services organization and an understanding of the risks of such an environment is an advantage.
- Formal information security qualifications desirable: CISM, CISSP, SABSA
- Behavioral Competencies
- Be team-oriented - support peers to get the right outcome for the organization.
- Demonstrate