Website GBG
Description
About GBG
GBG is the leading expert in global digital identity. We combine our powerful technology, the most accurate data coverage, and our talented team to deliver award-winning location intelligence, identity verification, and fraud prevention solutions.
With over 30 years’ of experience, we bring together a team of over 1,250 dedicated experts with local industry insight from around the world to make it easy for businesses to identify and verify customers and locations, protecting everyone, everywhere from fraud.
Why you should be@GBG
We make the world a safer place
We trust each other and win together
We are local experts in a global business
We want you to be yourself
We grow when you grow
The Team
GBG’s Information Security team of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted.
The team provides four core capabilities:
- Governance, Risk and Compliance.
- Cyber Defence.
- Product Security.
- Security Architecture.
The Role
GBG are seeking a talented and experienced Head of Cyber Security to join our team. As a Head of Cyber Security, you will be responsible for managing and maintaining information security controls. Primary responsibilities are Threat and Vulnerability management, Platform Engineering, Security Operations and Product Security.
Your expertise will be crucial in guiding risk decisions and ensuring the appropriate balance between security measures and the business’s appetite for risk. In this role, you will collaborate with cross-functional teams and regional information security specialists to maintain a protect, detect, response and recover capability for GBG globally through the adoption of appropriate controls to support a secure and trusted model.
What you will do
- Manage the delivery of the GBG InfoSec Strategy
- Oversee the Protection, Detection, Response and Recovery position of GBG Cyber Security Function
- Define the Cyber Security Strategy
- Establish and manage GBG’s Cyber Security Incident and Crisis management plans
- Support the business through the delivery of a secure and trusted model – embedding appropriate best practices through product delivery lifecycle
- Support growth of GBG by ensuring the secure delivery of products and services using appropriate security controls
- Oversee the delivery of Build once through the development or repeatable and understandable frameworks and processes using industry standards
- Establish and oversee GBG’s security testing activities
- Make data driven decisions utilising the output from common tooling
- Provide regular statistics and information to support service and management reviews
- Evangelise and guide Security development, promotion of controls and optimise the use of security services both embedded and operated across GBG
- Promote the Development of an Embrace & Foster DevSecOps way of working, Promote Secure by Design.
- Oversee the use of automation within the Cyber Function to support a trust model.
- Attract, retain, and lead a team of employees by educating, developing and managing them to deliver strong results.
- Embed risk management practices within Cyber Security functionality
- Collaborate with Key Stakeholders
- Understand the needs of GBGs Global Business and Technology requirements
Requirements
What We’re Looking For
- Demonstrable experience in Senior Information Security leadership roles.
- An individual with the ability to evidence strong leadership skills.
- Ability to communicate complex security issues to technical and non-technical stakeholders up to Board level.
- Someone who is ‘hands on’ and brilliant at report writing.
- Good judgement when assessing risk-based decisions.
- Ability to build productive internal and external relationships.
- Commercial acumen.
- Degree in computer science, Information Security, or relevant qualification in the field.
- Evidence of technical skills covering Security Testing, Incident & Crisis Management, Forensic
- Investigation, Security Architecture, SIEM management, Audit, Risk Management and Threat Intelligence/Threat Hunting.
- Knowledge of industry standards and frameworks such as CIS Top 18, OWASP, NIST, and ISO 27001.
- Strong understanding of software security principles, secure coding practices, modern development technologies and common security vulnerabilities.
- Experience with threat modelling, security assessments, and risk analysis.
As an equal opportunity employer, we are committed to providing fair opportunities for everyone regardless of age, gender, race, religion, sexual orientation, parental status or disability. Everybody is welcome and our inclusion and diversity programme, be/yourself, is designed to ensure that you can thrive. Please inform your GBG Talent Attraction Specialist if you require any reasonable adjustments to the interview process.