Lead, Information Security

Information Security Responsibilities

• Awareness on information security measures such as acceptable use of information assets, malware protection, password security
• Understand and report security risks and how they impact the confidentiality, integrity, and availability of information assets
• Understand how data is stored, processed, or transmitted from a Data privacy and protection standpoint

Role and Responsibilities

• Plan, develop and implement information security policies and procedures.
• Actively participate in developing security strategy for the organization.
• Facilitate/Perform Risk assessments for various business units and support functions in collaboration with delegates from respective teams.
• Maintain Risk Registers and ensure implementation of Risk treatment plan.
• Ensure compliance with applicable Data protection and privacy legislations including but not limited to EU/U. K GDPR.
• Communicate information security goals and new programs effectively with other department managers within the organization.
• Collaborate with information security champions and IS team to accomplish information security and Data Privacy goals.
• Investigate security incidents, facilitate correction, corrective action & closure in collaboration with stakeholders, perform root cause analysis and ensure preventive measures are taken.
• Support Business continuity planning at various levels.
• Awareness on general threat landscape and ability to apply that knowledge while assessing possible threats.
• Drive internal/external audits towards successful outcomes.
• Liaison with External Agencies on matters relating to the information security & Data Privacy.
• Perform supplier security reviews as per organization policy. Report non-compliance to management.
• Review information security related clauses in Client/Suppler agreements or addendums such as DPA.
• Respond to security questionnaires sent by Clients.

Preferred Qualifications

• Bachelors in Computer Science, Information Systems or related field.
• Minimum 5 years experience in Information Security.
• Solid understanding of security principles, technologies and best practices.
• Relevant certification or experience in ISO27001:2022 or other information security or cybersecurity frameworks.
• Experience in planning and conducting audits.
• Experience in developing and executing security policies and procedures.
• Strong oral and written communication skills.
• Team management skills and effective time management.

We invite you to subscribe to our monthly and quarterly newsletters to stay up to date with the latest job openings as well as resources and tips for job seekers here .

Research shows that women and other underrepresented groups apply only if they meet 100% of the criteria of a job posting. If you have passion and intelligence, and possess a technical knack (even if you re missing some of the above), we encourage you to apply.

Bounteous is focused on promoting an inclusive environment and is proud to be an equal opportunity employer. We celebrate the different viewpoints and experiences our diverse group of team members bring to Bounteous. Bounteous does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, physical or mental disability, national origin, veteran status, or any other status protected under federal, state, or local law.

In addition, you have the opportunity to participate in several Team Member Networks, sometimes referred to as employee resource groups (ERGs), that host space with individuals with shared identities, interests, and passions. Our Team Member Networks celebrate communities of color, life as a working parent or caregiver, the 2SLGBTQIA+ community, wellbeing, and more. Regardless of your respective identity, there are various avenues we involve team members in the Bounteous community.

Bounteous is willing to sponsor eligible candidates for employment visas.