United Kingdom, London, London
Hybrid
UK
Lockton - Experienced Professional
Regional Information Security Officer
The Regional Information Security Officer (RISO) leads and manages the cybersecurity posture of Lockton Companies at one of the three global regions of business operations and reports directly to the Global Chief Information Security Officer.
The RISO defines and cascades the global information security policy in their scope and ensures its application. The RISO has an advisory, leadership, delivery, assistance, training, and alerting role with the management of Lockton Companies.
The RISO ensures proper alignment with Lockton Companies’ global cybersecurity strategy and acts as primary liaison between the global information security office and the regional business and IT leadership, helping the lines of business understand and implement security policies and processes while also helping translate business priorities to the global information security office.
The RISO ensures the implementation of operational processes and solutions to guarantee data protection and the security level of information systems. Through relationship management, influence, and negotiation, the RISO both supports the core information security function and helps lines of business improve the global information security program’s maturity by encouraging collaboration, ensuring relevance, and driving results.
Key Accountabilities
Qualifications
Extensive information security experience, including as a senior security leader responsible for the overall security function
Team Management & Leadership
Demonstrated experience understanding security risks, identifying gaps, creating risk-mitigating and remediation plans, and drawing up an IT security roadmap.
Demonstrated experience understanding technical aspects of information and IT technology and core security components
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Good grasp of PCI-DSS, ISO 27001, NIST, UK Cyber Essentials, GDPR, POPIA, and other security norms, regulations, standards & frameworks
One or more of the following or similar certifications is a plus: CISM, CISSP, CCISO, CRISC
Personal Attributes
Executive presence, and the ability to foster relationship management, negotiate and influence.
Practical and risk-based approach for problem solving and the ability to think ‘outside the box’ to find solutions which balance the need to run and grow the business and keep it safe.
Ability to partner with the lines of business, see gaps as opportunities, and enable the business by leveraging a risk-based approach rather than an audit-based approach.
Effective communication skills, both written and verbal, and the ability to translate security principles into business terms.
Foundational technical expertise, including both business acumen and strategic thinking, as well as the ability to identify issues and provide innovative problem solving.
Passionate about driving and sustaining change through committed leadership.
Creative and results-oriented, and good at balancing multiple priorities and issues.
Full Time Permanent