Head of Information Security - Insurance Hybrid

Responsibilities:

• To safeguard technology infrastructure and any privileged or proprietary information that the business possesses
• To provide guidance and management for all information security needs

Knowledge:

• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
• A strong understanding of the business impact of security tools, technologies and policies
• Familiarity with applicable legal and regulatory requirements
• Familiarity with the principles of cryptography and cryptanalysis
• An understanding of operating system internals and network protocols

• Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks

• Experience in leading communications with senior stakeholders

• Previous management experience and strong leadership abilities, including the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision

• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies

• Strong analytical skills to analyse security requirements and relate them to appropriate security controls

• Experience in application technology security testing (white box, black box and code review)

• Experience in system technology security testing (vulnerability scanning and penetration testing)