Back to search
Head of Cyber Security and Infrastructure
I'm currently supporting a professional services firm to help them onboard a Head of Cyber Security and Infrastructure on a permanent basis.
This is an exceptional opportunity to come onboard and lead the entire Cybersecurity landscape for the firm which includes threat protection strategy, management of the team and compliance with all relevant cybersecurity regulations.Purpose
The Head of Cyber Security and Infrastructure will oversee the entire IT Cyber Security estate at the firm, adhering to the relevant Cyber security regulations. This role will continuously improve the internal security posture, identifying, assessing, and mitigating cyber security risks, in accordance with laws, regulations, and industry standards.The role will also require internal people management of the team but also management of external third party vendors to ensure they are held to account to their contractual obligations at a price the firm deem to be fair.The individual will lead the Group's Cyber Security operations function, by providing strategic direction and coordinating day-to-day delivery of threat intelligence, threat detection, incident response, vulnerability management and ethical hacking capabilities.This role will lead a team of Infrastructure Engineers, ensuring strong data controls are in place to develop a robust controlled environment. They will work closely with key stakeholders to establish responsibilities and ensure an end-to-end approach to cyber resilience is embedded in other functions.Location
The firm itself is global so you'll be talking with stakeholders in multiple continents however this role will be based in London, with a fair approach to hybrid working.
Required Experience
- The firm require an individual with extensive experience leading infrastructure and cybersecurity teams in a professional services environment, ideally within a law firm
- Requirement to have certifications such as CISSP, CISM
- Proven experience of working with IT security systems and information security governance, incident management,e., control frameworks, operations and application
- In-depth knowledge of security and infrastructure principles, methodologies, and tools (e.g., firewalls, Juniper MIST, encryption, VPNs, ZTNA, IDS/IPS, SIEM, Microsoft enterprise cloud services)
- Experience with security standards and frameworks such as ISO 27001, and GDPR NIST
