NOMADIA Group require a Chief Information Security Officer (CISO) to create, implement and maintain a company wide Information security strategy to address the existing and identified future risks/vulnerabilities facing the organization.

The CISO is a thought leader and champion of information security within the business, interacting regularly with the board and other key stakeholders. The ability to manage relationships with these senior figures, as well as garner support from the wider organization and employees, will be crucial to their success.

The CISO’s fundamental responsibility is to govern and manage (directly and indirectly through influencing others) both physical and cyber security risk across the organization to protect the company, its customers and investors from damage (operational, financial and reputational).

Primary responsibilities include:

·       Define, implement, and monitor a strategic, security and IT risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organisation

·       Ensure that common security measures are utilized across the whole organisation, taking different business units, geographies, and functions into consideration

·       Oversee information security governance through the implementation and maintenance of a governance programme

·       Ensure that the protective/alerting measures across the company enable the quick identification, response, and mitigation of attacks, minimizing the damage and impact generated. This may require 24/7 security operations to be established/active

·       Ensure that NOMADIA is aware of, has evaluated and is appropriately compliant with external regulations & compliance obligations

·       Monitor the internal and external threat landscape for emerging threats, and advise relevant stakeholders on the appropriate courses of action

·       Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices ensuring that all employees are aware of their obligations as they relate to information security and reporting of any incidents

·       Ensure security is embedded into the broader operational landscape with a pragmatic and commercial view that balances cost vs benefit & risk

·       Provide monthly reporting to the executive team on the current status of the information security programme and information security projects

·       Regular interface with legal, compliance and IT teams (infrastructure and software engineering) to ensure company-wide standards and consistency of deployment/operation

The successful candidate will have the following skills and experience:

·       Proven and demonstrable track record of success within a business of a comparable size and complexity to NOMADIA

·       Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences

·       Ability to interact and inspire confidence with external audiences, such as customers, regulators, and investors

·       Experience of implementing relevant cyber security frameworks (e.g., ISO27001)

·       Proven track record and experience in developing information security policies and procedures, as well as successfully executing programmes that meet the objectives of excellence in a dynamic environment

·       Experience of working in a software company which places significant importance on cybersecurity in how it operates internally and develops/delivers software products to customers

·       Poise and ability to act calmly and competently in high-pressure, high-stress situations (e.g., leading cyber incident response)

·       Must be a critical thinker, with strong problem-solving skills and the ability to lead and influence others (who may not have a direct reporting line)

·       The ability to balance strategic and operational demands, thinking about new initiatives, whilst being hands on and detail-oriented not just an ‘advisor’ – must be action oriented to ensure that actions are completed, and the company protected

·       Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives

·       Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals

·       High level of personal integrity, as well as the ability to professionally handle confidential matters whilst showing an appropriate level of judgment and maturity

·       High degree of initiative, dependability, and ability to work with little supervision

After CV pre-screening, applicant will be interviewed by:

Actual CISO

CTO

Business representative

CEO

HR