Head of Operational and Cyber Security

Location: Leeds, United Kingdom

The Role

This is a highly strategic role that will be co-ordinating and managing a broad range of tactical and operational tasks in complex and fast-moving contexts in both infrastructure and our cloud environments. You will need to be comfortable with prioritisation, ambiguity and driving forward multiple workstreams simultaneously.

You will own, implement and drive all elements of our information security approach, including setting strategy and the deployment of tools, technologies and standards across the group. Reporting to VP Assurance, you will be part of the Senior Leadership team and guide fellow seniors in tactical, operational, and strategic security activities.

You will be responsible for building out our ISO27001 framework and pushing forward continuous improvement across our infrastructure, internal platform and cloud environments, co-ordinating activities with teams across the company. You will lead on Government liaison on information-security matters, run our cyber-threat intelligence programme and work closely with our Privacy and Data leads.

You will develop and manage a governance structure that involves key stakeholder meetings to maintain an up-to-date risk register, as well as liaise with risk owners to provide support with policy, process, or technical control implementations.

You will also work closely with our Intelligence teams to ensure that they are able to operate with technical security against some of the most agile threat actors.

As Head of Operational and Cyber Security you will also be responsible for dotted-line oversight of our physical security programme and will chair our company security committee.

Requirements

  • Protect Crisp from security risks ensuring that we can be confident in our security processes, bolstering our resilience and safeguarding our capabilities and reputation.
  • Line management of our IT Team.
  • Chair the company security committee.
  • Develop a security program and security projects that address identified risks and business security requirements across our IT environments.
  • Manage the process of gathering, analysing and assessing the current and future threat landscape, as well as providing an overview of risks and threats in the company environment for the principal risk register.
  • Monitor and report on compliance with security policies / training, as well as the enforcement of policies within the IT department.
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
  • Assist IT SLT and IT staff in understanding and responding to security audit failures reported by auditors, oversee our threat and vulnerability programme.
  • Ensure due diligence is completed for third party suppliers to ensure contracts and service-level agreements are fit for purpose

Essential Experience:

  • Previous experience of working in a supervisory position in a corporate IT security role
  • Experience of a SAAS environment with exposure to GCP or AWS audit and compliance
  • Familiarity with managing risks to IT infrastructure and cloud environments
  • Experience of working with and persuading senior stakeholders (C-Suite) and peers
  • Strong judgement, confidence and gravitas
  • Management and leadership experience
  • Understanding of intelligence-led security
  • Excellent interpersonal skills and the ability to deliver alongside, and with, others
  • Be persuasive and present a compelling and reasoned case for change

Benefits

Our rewards are as unique as our culture, and we want to attract the best people and retain them. Not only will we ensure that your development is key, but you will be joining a fantastic team of like-minded people who work together as one team to achieve a shared vision.

We offer an excellent salary and benefits package which includes:

  • Market competitive pay rates based your skills and experience
  • Discretionary bonus scheme / commission scheme with payment based on revenue generated as a result of generated sales leads
  • A generous option allocation
  • 33 days holiday including Bank Holidays
  • Critical Illness insurance
  • Life Insurance Cover
  • Healthcare Cash Plan
  • An attractive pension
  • Cycle to Work Scheme
  • Employee perks schemes offering discounts, rewards, giveaways and more
  • Subsidised gym membership
  • Mental health wellbeing portal and access to an in-house clinical psychologist
  • Support and provision of supplies to facilitate home working
  • Flexible working opportunities

About Crisp

Crisp provides 24/7/365 early-warning risk intelligence as a service for leading brands, global enterprises and social media platforms, providing customers with a real-time risk defence, and with intelligence and compliance solutions guaranteed to ensure our customers are always the first to know and act. These risks can take many forms, including activist attacks, hate speech, threats, fake news, false rumours, illegal content, compliance failures and many more. Fuelled by the increased popularity of closed social media groups and messaging apps, this harmful content can now spread virally, at scale before it reaches mainstream media channels.

The relentless focus on helping to create a digital world that is safe for everyone has been Crisp’s mission from day one. Today that passion extends to working with leading brands, global enterprises and social media platforms.

Statement:

'This work meets the requirements in respect of exempted questions under the Rehabilitation of Offenders Act 1974, any applicants who are offered work for this organisation will be subject to an enhanced check from the Disclosure and Barring Service (DBS). This will include details of cautions, reprimands or final warnings as well as convictions. A criminal record will not automatically bar a person from successfully taking up this post"