Your new company

For our client from Cracow, we are looking for Information Security Director for the EMEA region.

Your new role

As an Information Security Director, you will be accountable for service delivery to the assigned region / sub-region and solution lines. The role with need to have effective relationships with senior leadership to support the delivery of the regional / sub-regional business goals and operate an effective security risk management regime against an agreed security risk mitigation strategy. As the trusted security lead, this position requires presenting to local leaders, regulators and clients as needed. Prior experience of regulatory management is required.

What the day will look like
The Regional Security Office service provides a regional / sub-regional / solution line connection to Global Cybersecurity Services to ensure they are appropriately leveraged to mitigate security risks and provides the following security services:

Cybersecurity Leadership:
• Provide Cybersecurity reporting to leadership committees and Boards.
• Represent Cybersecurity to appropriate regulatory bodies.
• Own the Cybersecurity strategy for the assigned area, manage its delivery via leverage of GCS services and accelerate local control adoption.
• Own the colleague security culture programme.
• Represent the region / sub-region in the Security Incident Management process.
• Remediation Management, e.g. Internal Audit findings.
• Cybersecurity Compliance and Conduct management.

Cybersecurity Risk Management:
• Managing a Cybersecurity Risk committee to support cyber risk management.
• Track remediation of Cybersecurity Audit and Compliance findings.
• Review Cybersecurity Metrics and lead remediation programmes within the region / sub-region.
• Lead or Sponsor Cybersecurity initiatives within the area of accountability
• In conjunction with Data Privacy, ensure necessary security controls are in place.

GCS Service Delivery Management:
• Manage GCS Service delivery escalations.
• Support GCS project implementation within the assigned area of accountability.
• Contribute to the ‘voice of the Business’ in development of GCS service enhancements.
• Cybersecurity Intake & Relationship Management
• Regulatory & Compliance Assessment Support
• Continuity and Disaster Recovery Support
• Data Governance Support

Client Support/Escalation Management:
• Represent Cybersecurity on Client calls or escalations.
• Provide first line security advice, guidance and policy and standard support to client teams.
• Support the engagement of GCS services via the correct process.

What you'll need to succeed

• Broad cybersecurity knowledge and experience of implementing and operating an effective control regime in a large, complex corporate environment.
• Solid knowledge and understanding of Cybersecurity domains, including application security, vulnerability management, network and cloud security, security operations (incident management), physical security, supplier risk management and cyber awareness.
• Experience of effective Cyber Risk Management within a large corporate environment.
• Fostering strong partnerships by influencing and building effective relations with diverse stakeholders at a range of seniority, up to and including C-level.
• Exceptional communication skills, with the ability to communicate to a diverse range and seniority of stakeholders, including technical and non-technical audiences.
• Demonstrable regulatory management experience.
• Experience of Compliance Assurance and Audit Practice is desirable.
• Security certification (CISSP, CISM) is an advantage.
• Understanding and experience of delivering compliance standards, including: ISO27001, DORA, Cyber Essentials+.

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.