Your mission As the Head of Security, you will lead the development and implementation of a comprehensive security strategy. Your mission is to protect our digital assets, ensure regulatory compliance, and foster a security-conscious culture across the organisation. You will be the strategic partner to leadership, translating security goals into actionable plans and guiding the organisation through today's complex security landscape.
We build and deliver systems in a B2B business across the globe. This role is crucial in addressing the evolving complexity of our security and governance requirements, especially as we launch new services and platforms.
The Head of Security/GRC will integrate security considerations into every aspect of our operations, from application and architecture security to data governance and physical security. This position will ensure we remain compliant with regulatory requirements and protect our critical assets, leveraging both internal resources and trusted external providers for specialised expertise and cost-effective solutions.
What You'll Do Strategic Leadership: Define and drive the vision for Security, including GRC, operations and engineering thus aligning it with broader business strategies. Policy Development: Create, implement, and maintain security and GRC policies and procedures, ensuring compliance with industry best practices and regulatory requirements. Project Oversight: Oversee the planning, execution, and delivery of security projects, ensuring they meet deadlines, budget constraints, and quality standards. Stakeholder Engagement: Build strong relationships with key stakeholders, effectively communicating the value of security initiatives and fostering a security-conscious culture. Incident Response: Lead the response to security incidents and vulnerabilities, conducting root cause analysis and implementing lessons learned. Risk Management: Conduct risk assessments, develop mitigation strategies, and ensure proactive identification and management of security risks. Physical Security: Coordinate with physical security policies to protect our facilities and physical assets. Data Governance: Establish and enforce data governance policies to maintain the integrity and confidentiality of sensitive information. Training and Awareness: Develop and deliver security training programs to educate employees on risk management and compliance obligations. Application Security: Oversee the implementation of security measures to protect against vulnerabilities and ensure applications adhere to industry best practices. Security Architecture: Develop architecture frameworks and ensure alignment with security best practices and compliance requirements. Continuous Improvement: Stay abreast of the latest security trends and technologies, continuously enhancing the organisation's security posture. What You'll Bring Leadership Experience: Proven experience in leading and developing high-performing security and GRC teams including partnerships and contractors. Technical Expertise: Deep knowledge of security principles, technologies, and industry best practices, including frameworks like OWASP and NIST. Regulatory Knowledge: Familiarity with regulatory requirements and standards, and experience in ensuring organisational compliance. Strong Communication: Excellent verbal and written communication skills, capable of conveying technical information to diverse audiences. Experience in Security Engineering: Preferably in a software development environment, including secure development lifecycle (SDLC) processes. Incident Management: Experience in handling security incidents and performing incident response and forensics. Problem-Solving Skills: Strong analytical and decision-making abilities to identify and address complex risks. What's in it for you Inspiring and fulfilling work at the innovative, value-driven global company that uses cutting-edge tech. Global work experience in agile methodology. International, friendly and inclusive multi-cultural environment (over 35 nationalities that speak altogether almost 30 languages!). Attractive salary and flexible benefits package (incl. medical insurance for you and your family, life insurance, free language classes). Playful, accessible office in the Technology Park of Málaga with a free, private bus connection from the city centre and a range of workplace perks. Flexible working hours and ways of working, well-being programs, learning and growth opportunities every day. Relocation package for you and your family including soft-landing package services to help you settle down in Spain (if you are moving from a different city/country). Flexibility of working from home or in the office to stay both safe and collaborative. Team building events, Learning Labs, Hackathons, Designatons, and even Referathons! Opportunity to shape the tech community inside and outside of The Workshop, mentoring and sharing knowledge with others.
#J-18808-Ljbffr