What's your new role about?
HERE’S SOME INFORMATION FOR YOU
DAZN is a rapidly growing live sports subscription streaming service with global ambitions. The thing with our business is, there are no second chances during live global sporting events, and we need to manage our cyber risk accordingly. DAZN delivers 1,000s of video streams, 10,000s of videos and 100,000s of articles every year to both consumers and other media outlets.
We are looking for a Head of Information Security Risk and Compliance to join our Information Security team, which sits within our Group Technology function. Aside from being amazing at finding, articulating and helping mitigate information security risk, you will be the sort of person who thrives in a high-velocity environment. You will want to simplify processes and be focused on things that really matter to our business and customers. If that sounds like you, continue reading!
HERE’S A BREAKDOWN OF WHAT YOU’LL DO (NOT ALL OF IT, JUST THE MOST IMPORTANT STUFF)
- Maintain and continually improve our security accreditations (ISO 27001 & PCI DSS). Work alongside our legal team to ensure ongoing compliance with relevant regulatory requirements.
- Maintain, continually improve and effectively implement our policies, processes, procedures and standards.
- Revamp and continue to develop our approach to third-party supplier assessments.
- Perform information security assessments and IT controls assessments across the group.
- Develop and own information risk and compliance reporting across the group.
YOU’LL NEED TO HAVE THESE ESSENTIALS...
- Experience in developing and running robust information risk and compliance programmes
- Have led one or more implementations of ISO 27001 for a highly agile organisation
- Be able to clearly prioritise and articulate risks in business terms
- Adapt traditional/cultural approaches to Information Security so they work for a creative, agile and innovative environment
- Excellent stakeholder management skills and ability to execute delivery of Information Security initiatives in collaboration with the business
IT WOULD BE GREAT IF YOU HAD THESE TOO
- Be able to carry out deep technical security assessments and reviews
- Certified in one or more of the following: ISO 27001, ISO 27005, FAIR, CISM, CISSP
- Good working knowledge of GDPR and carrying out Data Processing Impact Assessments
- Experience defining & implementing incident management and business continuity plans