• Head of Security & Compliance

    Posted Date 4 months ago (23/03/2018 16:40)
    Job ID
    2018-1926
    # of Openings
    1
    Job Location(s)
    UK-London
    Category
    Technology
  • Overview

    The Head of Security & Compliance will ensure that external regulations and standards are adhered to from a technical perspective (including data security, information security, data loss prevention, applications and infrastructure platforms) and that the correct processes and documentation are in place across Hogarth globally.

    Responsibilities

    • Global leadership

      • Act as the global Hogarth knowledge expert, key project, client and RFP / RFQ contact and thought leader for Security, Compliance, Data Protection (S, C & DP) and BCP / DR
      • Set the global Hogarth S, C & DP agenda
      • Identify and provide leadership for local S, C & DP resources
      • Maintain effective communications and interaction with the WPP S, C & DP leadership team
      • Manage internal change control meetings with Hogarth teams

       

      Knowledge management and communication

      • Develop and deliver appropriate security, compliance and data protection training, awareness and updates
      • Provide assurance to clients through Information Security compliance programmes and provide relevant information when needed

       

      Audit

      • Perform Information security audits for Third Party suppliers
      • Ensure that the necessary controls are established and maintained for WPP General Computer Controls audit compliance
      • Manage resource allocation to complete WPP self assessment activities
      • Drive internal and external audit activities to coordinate Hogarth resources and to track remediation actions identified through to successful conclusion

       

      Monitoring

      • Establish and maintain global initiatives to review third party monitoring and coordinate meetings between all impacted Hogarth and WPP teams

       

       

      Penetration and integrity testing

      • Assist with, maintain and oversee the security posture of in-house applications through regular testing (i.e. penetration testing and vulnerability scanning) and follow up on the remediation actions for the issues identified
      • Investigate security gaps and initiate, and take ownership for the delivery of, remediation activities for all identified issues

       

      Cybersecurity

      • Maintain working knowledge and provide ongoing guidance and expertise in regulatory and industry developments relating to Cybersecurity threats

       

      Event management

      • Escalate security, compliance and data protection issues to the WPP Security team where necessary
      • Oversee security incident investigations and responses to external threats

       

      BCP / DR

      • Define, maintain and communicate the global BCP / DR plan
      • Coordinate the definition and maintenance of regional plans
      • Manage inter-region incident communications

       

      Data Protection

      • Act as data privacy advisor for all privacy-related matters across Hogarth
      • Act as the Hogarth Data Protection Officer, including responsibility for relevant regulatory responses including:
        • informing Hogarth on the GDPR compliance obligations
        • monitoring compliance with the GDPR
        • acting as the first point of contact, responding to questions and issues raised

    Qualifications

        • Experienced in Risk and Vulnerability (Nessus) Assessments and Penetration testing
        • Previous exposure to Business Continuity Planning
        • Understanding of network security design, implementation and support, and network security skills with firewalls, VPN, IDS/IPS, anti-virus and HIDS
        • Knowledge and experience of Windows and Linux environments
        • Knowledge of web technologies, including web servers and load-balancing environments
        • Knowledge of PKI (Public Key Infrastructure)
        • Experienced in planning, developing and implementing security policies
        • Awareness of ISO 27001
        • Knowledge of firewalls and network configurations
        • Awareness of relevant EU directives and GDPR regulations
        • Relevant Audit, Compliance and Data Protection certifications
