Beeks Group is an AIM listed global business delivering low-latency computer, connectivity and analytics exclusively within global capital markets and financial services and have an international network of over twenty data centres, supporting our retail and institutional customers.

We have a fantastic opportunity for a CISO to join us at our state-of-the-art new Head Office in Renfrew which includes a modern gym and a personal trainer weekly, the Beeks Bar and Coffee shop ‘Ophelia’s’, as well as our weekly massage therapist to look after you and many more perks!

Your Role

The CISO remit is to help raise the bar in how we protect global businesses digital lives.

Your role will be to cultivate key executive customer and partnership relationships. As an innovator in cyber security it is key that you are able to scale your knowledge by creating repeatable documented security transformation processes to allow others to replicate.

Your role is to demonstrate thought leadership and be a trusted advisor to both existing and potential new customers and partners. With growing trust the CISO will be defining a journey for these customers to better understand your own state in comparison with others.

You will be aligned to key strategic accounts for which you will act as the strategic consultant, helping to define and strategically project manage how these accounts can evolve their cybersecurity capabilities, leveraging the resources and skills both in the insight and broader business. The outcomes will be documented to demonstrate a repeatable process that the broader business can leverage.

Responsibilities

• Beeks Group are looking for a CISO who can demonstrate competencies which will enable them to successfully:
• Work in a regulated environment in the financial sector, with direct accountability to regulators and the Board for the management of risk of Beeks Services
• Build a risk culture that is embedded in every policy and process of the company (Technology, Security, Personnel, Environment etc.)
• Design and implement the risk framework for Beeks to ensure full compliance with regulatory expectations whilst maintaining the Beeks working approach

You will need to take accountability for:

• The day-to-day running and continuous improvement of the Beeks security system which includes the risk model (structure and content), the risk activities (Identification, Assessment, Evaluation and Treatment) and efficacy of mitigations. It will also include oversight of the incident management process and approach
• Compliance with Operational directives from various governing bodies as they apply to Financial Market Infrastructures and broader global standards e.g. those set by BIS/FSB etc.
• Reporting on the risk management of Beeks internally (e.g. to the Board) and externally (e.g. to the regulators), building effective working relationships with them
• Managing and monitoring the risks associated with Beeks Services to assure the level of service required
• Taking a hands-on approach to incident management analysis, staying informed, providing insight and guidance, as well as providing updates to regulators and other external stakeholders
• Identify, track, and communicate detailed metrics indicating overall security risk factors
• Working with external organisations and internal resources to ensure Beeks annual ISO27001 audits and renewals are successful.
• Work Soc2 compliance certification for Beeks and ensure standards are maintained within Beeks.

Qualifications

Required Experiences:

• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and SOC2.
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management for the purpose of cyber security, including managed services.
• Specific experience in security operations and tooling in particular relating to Microsoft and SaaS environments
• Specific experience in establishing, leading, and managing security compliance checking and remediation programs
• Specific experience in threat intelligence, incident management and running and operating appropriate executive exercises
• Experience with Cloud computing ideally Azure
• Excellent stakeholder management skills, and demonstrable experience understanding business drivers, and working with stakeholders to match cyber strategy to commercial/business context
• Previous experience of obtaining and maintaining these standards within an organisation is essential

Required competencies:

• Extensive Risk management expertise in banking or financial services gained from compliance or operational risk experience
• Experience of building operational processes and risk management frameworks from the ground up
• Senior interaction with regulators
• Ability to operate at C-Suite level when dealing with the Board and external participants
• AGILE methodologies (preferred)
• People management
• Understanding of wholesale payments industry/settlement risk strongly preferred.

Compensation & Rewards:

Financial:

• A competitive salary
• Share option scheme – an opportunity to have a tangible financial stake in the work that you do
• Attractive pension
• Flexible Work Hours (3 days on site per week)
• Life cover (4 x salary)

Lifestyle:

• A casual work environment
• 33 days annual leave (this includes 8 floating bank holidays)
• Hybrid working pattern home/office (an average of 3 days a week in the office for local candidates)

Wellbeing:

• Private Health Insurance including employee assistance programme, access to 24/7 GP and prescriptions and dental contribution
• On-site gym, PT Sessions, circuit training classes and yoga classes
• On-site massage therapist

We are an equal opportunity employer