Home
Jobs
SearchWorks
Chief Information Security Officer

Chief Information Security Officer

On site

England, United Kingdom

£ 160,000 / year

Full Time

17-03-2025

Share this job:

Score my CV

Job Specifications

Job Title: Chief Information Security Officer (CISO)

A rapidly expanding global payment processing and software provider is seeking a dynamic and experienced Chief Information Security Officer (CISO) to lead their security strategy. This organization offers a comprehensive suite of solutions, including e-commerce platforms, subscription billing, payment gateways, and merchant accounts, serving businesses of all sizes worldwide. As they continue their global expansion, they require a seasoned CISO to ensure the highest standards of security and compliance.

Key Responsibilities:
Global Compliance: Drive and maintain compliance with PCI DSS, ISO 27001, and other relevant security frameworks across diverse geographic regions.
Regulatory Liaison: Act as the primary point of contact for regulators, auditors, and payment networks (e.g., Visa, Mastercard) regarding security and compliance matters.
Security Governance & Strategy: Develop and implement robust security policies, controls, and risk management strategies across all payment processing layers (acquiring, gateway, processing).
Security Operations & Incident Response: Oversee real-time fraud monitoring, threat detection, and security operations, utilizing tools such as SIEM and IDS/IPS.
POS & PIN Security: Ensure the security of point-of-sale (POS) transactions, including PIN encryption, Hardware Security Module (HSM) management (e.g. Thales), secure key injection, and terminal-level security.
International Security Management: Adapt and implement security programs to meet the unique legal and regulatory requirements of various regions, particularly in Asia and Europe.

Requirements:
Minimum of 10 years of progressive experience in cybersecurity, with a strong emphasis on leadership within the fintech, payments, or banking sectors.
Extensive and demonstrable expertise in PCI DSS, PCI PIN, ISO 27001, and other relevant regional regulatory standards.
Proven experience in HSM management, PIN encryption, and securing POS transactions.
Strong understanding of cloud security, application security, and Security Operations (SecOps).
Exceptional ability to communicate and advocate for security at the executive and regulatory levels.

About the Company

We Build Technology Teams Know more

Related Jobs

Company Name: hackajob
Job Title: Security Architect
Job Description: hackajob is collaborating with N Brown Group to connect them with exceptional tech professionals for this role. We’re looking for a Security Architect responsible for creating, maintaining, and enforcing the frameworks, processes, and technical designs that safeguard N Brown’s data, systems, and overall digital ecosystem. You’ll serve as the primary bridge between business priorities and security needs, ensuring that all technology initiatives are aligned with robust security principles. You’ll join the Architecture Chapter (Governance and Transformation) whilst being embedded within the Information Security Chapter (engineering and operations) and the GRC Team (governance, risk, and compliance). This unique placement enables the role to integrate security as a core element in business transformations, system operations, and governance activities, providing a 360-degree approach to enterprise security. Additionally, you will support the Data Protection Officer (DPO), ensuring N Brown meets its obligations around privacy and data protection, as well as providing leadership in Cloud Security Architecture and the Secure Development Lifecycle (SDL). What will you do as an Security Architect at N Brown? Information Security Architecture Develop enterprise-wide data security strategies to ensure the confidentiality, integrity, and availability of information assets. Establish and maintain security standards, policies, and guidelines that align with regulatory frameworks, business objectives, and industry best practices. Work closely with the Data Governance team to integrate controls for sensitive data across its lifecycle, including classification, storage, access, and transfer. Drive the adoption of encryption standards and other data protection mechanisms across applications, databases, and file systems. Collaborate with the DPO to ensure security architecture supports privacy obligations under GDPR and other regulations. Cyber Security Architecture Design and implement layered defence architectures to protect against an ever-evolving threat landscape. Define the security posture for enterprise infrastructure, including network segmentation, secure endpoints, and resilient cloud environments. Collaborate with engineering teams to build scalable, secure applications following secure coding principles and frameworks. Develop strategies for integrating security monitoring and detection tools (e.g., SIEM, IDS/IPS) into the organisation's IT landscape to provide real-time threat visibility. Partner with incident response teams to ensure that the architecture supports rapid containment and recovery in the event of a breach or cyberattack. Cloud Security Architecture Define security strategies for hybrid and multi-cloud environments, ensuring consistent protection across all platforms. Evaluate and recommend cloud-native security tools and controls, such as cloud access security brokers (CASBs), cloud firewalls, and key management systems. Collaborate with Cloud Operations and DevOps teams to implement secure infrastructure-as-code practices and cloud deployment pipelines. Ensure compliance with cloud security standards such as CIS benchmarks and shared responsibility models. Secure Development Lifecycle (SDL) Establish and champion the Secure Development Lifecycle across all application development teams. Provide guidance on secure coding practices, static/dynamic application security testing (SAST/DAST), and code review processes. Work with development teams to ensure security is considered at every stage, from design through deployment. Introduce automated tools to enhance SDL efficiency, such as vulnerability scanning in CI/CD pipelines. Drive security awareness among developers, offering training and mentorship on threats and mitigation techniques What skills and experience will you have? A good understanding of cloud security controls and tooling, ideally in AWS but GCP and Azure will also be beneficial. Understanding of secure coding and application design principles. Good knowledge of the ecommerce threat landscape and a pragmatic approach to applying relevant controls to mitigate those threats. Experience of building strong security governance into guard rails. Experience of applying security controls and mitigations iteratively in an agile/DevSecOps environment where all requirements will not be delivered on day one. Excellent communication skills and a proven ability to influence outcomes - strong interpersonal skills are essential. Practical experience of governing solutions in an architecture function. Flexibility and a desire to learn. Awareness of IT industry trends and being vendor and technology neutral to enable best-fit solutions to be found. The ability to plan and rationalise project goals working from limited information and ending in a holistic design. Decisiveness - be capable of presenting proposed solutions with confidence, providing clear guidance for outcomes. Desirable CompTIA Security+ Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) Certified Cloud Security Professional (CCSP) AWS Certified Solutions Architect / GCP Cloud Architect / Azure Solutions Architect A broad understanding of current techniques and tooling including API-first design, Cloud Native, Containerisation and PaaS on AWS, Azure or GCP. Experience of working with Product or Agile teams at the same time, effectively governing architectural designs to enable continuous delivery. Retail / Ecommerce experience What’s in it for you? Hybrid working 24 days holiday (+ 8 bank holidays) with the option to buy an additional 10 days Annual bonus scheme Enhanced maternity and adoption leave Access to Apricity, a self-funding IVF benefit at a reduced rate Company pension with up to 8% N Brown contribution Mental Health support both internally and externally, including access to our wellbeing champions and counselling services A range of financial wellbeing support Colleague discount across all N Brown brands Onsite café with subsidised rates and local restaurant discounts! Life Assurance and Private Medical Insurance Paid volunteer time - all our colleagues can take a full day paid to volunteer for a charity of their choice N Brown - who we are and why work for us? At N Brown, we’re committed to building a diverse workforce and creating an inclusive environment that values equality for all. Our vision is that by ‘championing inclusion, we’ll become the most loved and trusted fashion retailer’. Diversity, Equity, Inclusion and Belonging are, therefore, at the heart of our culture. We’re a forward-thinking digital retailer with a financial services proposition to be proud of. We’re customer-obsessed, serving them through three core brands: JD Williams, Simply Be, and Jacamo. We’re experienced, with over 160 years of trading under our belt...

Manchester, United Kingdom

Hybrid

Full Time

18-03-2025

Company Name: Digital Waffle
Job Title: Cyber Security Engineer
Job Description: Job Title: Cybersecurity Engineer Location: Omagh (Hybrid) The Role: We are seeking a highly skilled and proactive Cybersecurity Engineer to join a dynamic security team. The ideal candidate will play a critical role in defending the organization against cyber threats by managing and improving the Security Operations Center (SOC), responding to incidents, and enhancing overall cybersecurity posture. This position offers an exciting opportunity to work in a fast-paced environment, handling cutting- edge technology and complex cybersecurity challenges. Benefits Internal training on products and services provided. Company rewards program. End-of-year staff bonus. Additional bonus if annual company targets are achieved. Paid day off on your birthday. Mileage reimbursement for site visits. Death in Service: Coverage at 2x annual salary. Health Insurance: Available to all employees. Work From Home: Hybrid work environment available. Salary Sacrifice Electric Car Scheme: Employees can opt into an electric vehicle scheme Key Responsibilities: Incident Response (IR): Investigate and respond to security incidents, ensuring rapid containment, eradication, and recovery.Conduct root cause analysis of security breaches and create detailed incident reports. Collaborate with stakeholders to refine and enhance the incident response plan and playbooks. Security Operations Center (SOC): Monitor and analyse security alerts and logs from various tools such as SIEM, IDS/IPS, and endpoint detection systems.Identify and escalate potential security threats or vulnerabilities in real-time. Continuously optimize SOC workflows, tools, and processes for greater efficiency. Threat Intelligence and Analysis: Proactively research and assess emerging threats, vulnerabilities, and attack vectors. Develop strategies to mitigate risks based on threat intelligence. Stay up to date on the latest cybersecurity trends and regulatory requirements. System and Network Security: Perform vulnerability assessments and penetration testing on systems and networks. Implement and maintain security tools such as firewalls, endpoint protection, and email security systems. Collaborate with IT teams to ensure secure configurations and best practices are applied across systems. Desirable CISSP, CEH, GCIH, GCIA, CISM, or other relevant cybersecurity certifications. 4+ years of experience in cybersecurity, preferably in SOC, incident response, or threat analysis roles. Technical Requirements: Strong knowledge of firewalls, IDS/IPS, endpoint protection, and threat-hunting tools. Experience with scripting and automation using Python, PowerShell, or similar languages. Understanding of networking concepts, protocols, and security controls. Familiarity with cloud security (Azure, M365) is a plus. Experience configuring & supporting Windows Server (2016, 2019, 2022).

Omagh, United Kingdom

Hybrid

Full Time

18-03-2025

Company Name: hackajob
Job Title: Security Solutions Architect
Job Description: hackajob is collaborating with Computershare to connect them with exceptional tech professionals for this role. Location: Edinburgh or Bristol (Hybrid) This is a hybrid position primarily based in Edinburgh or Bristol. We’re committed to your flexibility and wellbeing and our hybrid strategy currently requires three days a week in the office, giving you the option to work remotely for some of your working week. Find out more about our culture of flexible working. We give you a world of potential Computershare has an exciting opportunity available for a permanent full-time Security Solutions Architect to join our Global Information Security (GIS) team. A role you will love As a Security Solutions Architect, you’ll be responsible for delivering, executing and implementing security solution architectures for assigned projects in line with the enterprise security architecture and vision. You’ll also maintain strong vendor relationships and provide IT insight and innovation to our Business and Technology Services Teams and enhance overall security posture and awareness of security best practice as you deliver on project engagements. Key Responsibilities Include Defining and maintaining security solutions architecture, definitions and articulate associated benefits and costs aligned to technology solutions to delivering projects advancing the security architecture direction. Consulting for and engaging with our Technology Services teams including architecture teams in delivering security solutions architecture with a passion for working collaboratively across global teams. Initiating significant change, identify opportunities for improving Security and managing the implementation of continuous improvement/new ideas and approaches. Reporting key architecture recommendations and implications, themes and trends to the Chief Security Architect. Maintaining a forward-looking perspective on emerging security and technology developments and their relevance to Business and Technology Strategies. Assisting in defining and maintaining the Security Enterprise Architecture. Establishing, maintaining and leveraging effective working relationships with all areas of Technology Services and external stakeholders to improve the overall service provided by Global Information Security. What will you bring to the role? You have strong communication skills which enable you to articulate often complex security risks so that they can be understood by a wide range of stakeholders, both technical and non-technical. You’re a self-starter; capable of setting and achieving challenging personal targets. You also have excellent time, resource and project management skills to manage multiple parallel engagements with conflicting priorities to successful completion. You’ll Also Bring Broad experience in the field of Solution Architecture and considerable experience in Information Security Familiarity with information security risk management Conversant with NIST cyber security framework and knowledge of the ISO/IEC 27000 series of information security standards and other related industry best-practice standards Strong analytical skills coupled with the ability to understand complex and sometimes conflicting security drivers Ability to work across multiple geographical borders and time zones Experience dealing with the most senior business and IT people and SMEs and major IT suppliers Project management experience and familiarity with project management frameworks like Prince 2 would be useful Bonus Points If You Have The Open Group Architecture Framework (TOGAF) Certification University degree in information security, computer science, telecommunications, networking, engineering, or another computer-related field Certification - CISSP - Certified Information Systems Security Professional or CISM - Certified Information Security Manager (ISACA) Rewards designed for you Flexible work to help you find the best balance between work and lifestyle. Health and wellbeing rewards that can be tailored to support you and your family. Invest in our business by setting aside salary to purchase shares in our company, and you’ll receive a company contribution as well. Extra rewards ranging from recognition awards and team get togethers to helping you invest in your future. And more. Ours is a welcoming and close-knit community, with experienced colleagues ready to help you grow. Our careers hub will help you find out more about our rewards and life at Computershare, visit computershare.com/careershub.

Edinburgh, United Kingdom

Hybrid

Full Time

18-03-2025

Company Name: G4S
Job Title: Fire and Security Engineer
Job Description: An opportunity has arisen for a Systems Engineer in our Fire & Security Systems business team. You will be based remotely and cover the High Wycombe and surrounding territory. What you will be doing Attend to calls for maintenance (on site and or by telephone) as directed by team co-ordinators Rectify all faults on the first visit where rectification is within your control. Carry out rolling programme of preventative maintenance visits. Collection/recording of site configuration information. Maintain accurate and timely records. Provide cover on an out of hour’s basis on a rotating basis. Commission small projects when required. Ensure that audits are carried out of quality procedures. Provide training to customers and colleagues as required. Carry out any additional tasks that may be required. What we are looking for Previous experience installing & servicing a wide product base of access control systems, CCTV systems and intruder alarm systems. Experience of installing and servicing fire alarm systems, ideally GENT based. An IT qualification and or Electrical/Electronic qualification A broad technical IT knowledge, i.e. Installing various Windows Operating Systems; networking etc Knowledge of basic electrical principals such as measuring voltage and current drain Good attention to detail in order to ensure that all paperwork is correctly completed, and procedures are followed within the allotted timescales. An enthusiastic team player who is able to work well under pressure and maintain a professional approach at all times. The benefits of working for G4S Salary up to £38,000 Company Car 25 days holiday Pension/Life assurance

High Wycombe, United Kingdom

On site

Full Time

18-03-2025