Midland Credit Management, an Encore Capital Group Company

Head of Information Security

full-time

Location Type: Office

Location: London, United Kingdom

About the role

  • Lead the Information Security business partner in the UK and Europe for all Cabot security organizational activities
  • Prioritize activities to ensure the ongoing effectiveness of Information Security and Cybersecurity controls
  • Work with risk and control owners to evaluate control design, effectiveness, and standards
  • Focus on ongoing compliance and regulatory activities, operational performance, and enterprise information and cyber risk
  • Manage team members that are direct reports as well as those that are matrixed, helping develop people in their careers and inspiring them to deliver excellence
  • Maintain awareness of emerging cybersecurity insurance requirements and prioritize related capability maturity activities within the business
  • Support ongoing program capability that aligns with ISO 27001, SOC2, PCI, SOX404, GDPR, CCPA, and other UK, EU, US, India, and Costa Rica requirements
  • Coordinate security risk measurements, key indicators, and established metrics across BUs
  • Provide oversight and guidance for periodic internal and customer security assessments to ensure compliance with information security policies and established security controls.

Requirements

  • 12+ years of experience with Information Security, preferably in a leadership role with executive and board reporting responsibilities
  • Must have 10+ years of experience across common industry security policy areas, including, but not limited to, ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others
  • Minimum 7+ years of experience in Information Security with an emphasis on IT audit, IT risk management, and/or IT compliance
  • Ability to translate technical risk and vulnerability data into business risk, and effectively communicate potential impacts to the business
  • Excellent analytical, technical and internal assessment skills
  • Excellent organizational and documentation skills
  • Strong project management skills are highly desired
  • Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent work streams
  • Strong business sense with an ability to balance 'business value' vs 'security risk'
  • Good communication skills with an ability to build strong narratives to highlight the importance of security to employees internally and customers/shareholders externally, including both technical and non-technical audiences
  • Ability to engage and effectively communicate with Executive Management, Legal, Risk, 3rd-party, and IT teams.
  • Ability to develop and document policies, standards, and guidelines.
  • Excellent oral and written communication skills.
  • Professional certification in information security or compliance (for example, CISSP, CISM, or CISA) required or achievable.
Benefits
  • N/A