Head of Security
The Head of Cyber Security plays a pivotal role in ensuring the overall security of the TalkTalk. You will support the business by defining a clear security strategy, defining key security objectives aligned to the TalkTalk Business goals.
Working cross-functionally you will establish and maintain the security governance framework, ensuring all key stakeholders across the Executive Leadership Team have visibility of the business security posture and security roadmap.
You will leverage key partner / supplier relationships to define performance measures required by the business across all security services, covering areas such as security risk management, operations and penetration testing.
With responsibility for the implementation of the cyber security roadmap, you will ensure security services are cost-optimised and offer value to the business.
You will support the business to maintain compliance with relevant legislative requirements such as Telecommunications Security Act, Investigatory Powers Act; along with broader compliance programmes such as ISO27001.
You will be responsible for:
Develop a clear security strategy for TalkTalk and have a multi-year plan in place to deliver the strategy.
Lead security governance committees including ones at Exco and Board level to ensure that cyber security is appropriately governed and managed.
Manage the overall budget for security and ensuring security services are cost-optimised and deliver value to the business.
Ensure that TalkTalk achieves compliance to various security regulatory standards such as PCI, ISO:27001, Cyber Essentials, and the Telecoms Security Act.
Prepare security updates and reports for Sr. Management, ELT, and the Board.
Deliver regular security risk reporting to various security governance committees, including the Security Committee.
Deliver Security Standards that support our Security Policies and Business needs.
Ensure trusted 3rd party security suppliers are performing within SLA and be a point of escalation.
Managing the relationship with the regulator, suppliers and industry partners in relation to cyber security.
Be great to also have the following experience:
Senior leadership experience in information security and risk management.
Experience managing suppliers & establishing performance management criteria.
Experience with ISO27001, PCI, and other security compliance standards and working with auditors.
Proven expertise in security governance and risk management methodologies including leveraging best practice security frameworks such as the CIS Top 20 or NIST Cyber Security Framework.
Experience in leading security risk management meetings, delegating responsibilities, and influencing people to take action to assist in the resolution of security risks.
Solid understanding and applicable knowledge of technical security concepts across different security domains.
Strong understanding of UK legislation such as IP Act 2017, Telecoms Security Act and Communications Act.
Excellent Senior Stakeholder management skills.
Bachelor's Degree in Computer Science or relevant experience.
CISSP and/or CISM certified preferred.
As a recognised Top 50 Inclusive Employer in the UK, we know that diversity means success and innovation. We want our workplace to reflect the communities and customer we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.
We’re also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.
Benefits
-
My Wellbeing
We want you to feel good at work — and not just because you’re doing great things for our customers. We run lots of wellbeing initiatives throughout the year.
-
My Products
We offer all of our people free TalkTalk Fibre, TV and Phone (you’ll be helping us make them what they are, so it’s only fair that you get to enjoy them).
-
My Flexibility
We all lead different lives and like to work differently, so whether it's working from home or starting and finishing your day later, we’ll give you the flexibility you need to do your best work.
-
My Benefits
Think company pension scheme, private medical insurance, income protection and life assurance, plus all sorts of other benefits designed to make your life easier.