Head of IT Security Tech: Enterprise Systems · CDP Global

2 days ago


London, United Kingdom CDP Full time

Job Purpose and Background

With the successful launch of CDP’s new digital disclosure platform and the expansion of our technological capabilities, ensuring we have robust and dependable security infrastructure and practices that protect the data of our disclosers, and wider ecosystem, is essential to CDP’s long-term future.

We are now embarking on an effort to build a new in-house Cybersecurity team, beginning with the Head of Infrastructure & Security who will be responsible for leading the team, including developing and delivering a global security roadmap, encompassing infrastructure, tooling, policies, procedures, certifications, and training. This is an exciting greenfield opportunity to build and shape a new Security function, leveraging the latest Azure technologies, with a vision of attaining ISO27001 certification in the near-future.

About CDP

CDP is a not-for-profit charity that runs the global disclosure system for investors, companies, cities, states and regions to manage their environmental impacts. The world’s economy looks to CDP as the gold standard of environmental reporting with the richest and most comprehensive dataset on corporate and city action. In 2021 we launched our new five-year strategy: Accelerating the Rate of Change - find out more here. Visit https://cdp.net/en or follow us @CDP to find out more.

Key responsibilities include:

Leadership responsibilities:

  • Create and oversee the organization's overall cyber security strategy and positioning, as well as partnering with other senior stakeholders to contribute to the wider IT strategic planning.
  • Lead, develop and enable the Cyber Security team.
  • Design and implement awareness training and other approaches to ensure security is understood and embedded across the business at all levels.

Technical responsibilities:

  • Deliver security projects and initiatives through both strategic guidance and hands-on implementation.
  • Collaborate with software development teams to embed security best practices.
  • Implement and manage Azure and M365 security resources (Azure Firewall, NSG, Web Application Firewall, Front Door, EntraID, B2C, MFA).
  • Design and build cloud-based infrastructure with a strong focus on cyber security optimization.
  • Develop and maintain comprehensive security policies and standards.
  • Maintain our CyberEssentials certification and drive our security maturity towards future ISO27001 certification.
  • Manage our 3rd Party due-diligence process, assessing vendors and responding to customer security questionnaires.
  • Maintain robust role-based access control, ensuring all personnel have IT access limited to their need and role within the organisation.
  • Monitor and guide the IT Operations team to cultivate a sense of security awareness, including continuous education and improvement.
  • Manage the end-to-end penetration testing and remediation activities across CDP.

Tech-stack: Azure Sentinel, Azure Log Analytics, Azure Defender and Azure Defender For Cloud, AppCheck, Azure Security, Microsoft Intune, Forcepoint, Cisco Meraki.

You will bring the following:

  • Demonstrates competence and enthusiasm leading and managing a cybersecurity team, as well as strong technical expertise.
  • Excellent interpersonal and client-handling skills, with the ability to manage expectations and simplify detail to key principles and decisions.
  • Excellent written, verbal and presentation skills in English to properly articulate complicated security requirements to management, key partners and other stakeholders.
  • A positive approach with a high level of self-motivation and drive, committed to achieving high standards, even with challenging deadlines.
  • Previous experience developing cybersecurity roadmaps and strategies, defining requirements, with consideration of leveraging cloud as a delivery platform.
  • Extensive exposure and working experience applying cyber security practices to cloud technologies (Azure advantageous).
  • Deep understanding of application security and collaboration with development teams.
  • In-depth knowledge of Information Security standards (including but not limited to Cyber Essentials, Cyber Essentials Plus, ISO27001).
  • Deep understanding of IT Service Management principles (ITIL).
  • Excellent knowledge of OWASP.
  • Ability to stay ahead of emerging technology trends (ie cloud and SaaS) and industry developments.

Preferable:

  • Knowledge of infrastructure monitoring/logging, performance and capacity management, automation, and application toolchain (CI/CD) is an advantage.
  • CISSP certified.

Salary and benefits:

  • Competitive NGO salary and 8% Company Pension Program.
  • 30 days annual holidays (with purchased leave options).
  • Flexible working hours (with option to take flex-days).
  • Up to 6 months remote work anywhere in the world.
  • Paid sabbaticals, enhanced maternity/paternity/adoption leave.
  • Office offering prayer room and breastfeeding facilities.

Before you apply:

We’ll only use the information you provide to process your application. For more details on how we use your information, see our applicant’s privacy notice. By uploading your CV and covering letter, you are permitting CDP to use the information you have provided for recruitment purposes.

How to apply:

Please upload your CV in the application form.

#J-18808-Ljbffr

  • London, United Kingdom CDP Full time

    Job Purpose and Background With the successful launch of CDP’s new digital disclosure platform and the expansion of our technological capabilities, ensuring we have robust and dependable security infrastructure and practices that protect the data of our disclosers, and wider ecosystem, is essential to CDP’s long-term future. We are now embarking on an...


  • London, United Kingdom CDP Full time

    Job Purpose and Background With the successful launch of CDP’s new digital disclosure platform and the expansion of our technological capabilities, ensuring we have robust and dependable security infrastructure and practices that protect the data of our disclosers, and wider ecosystem, is essential to CDP’s long-term future. We are now embarking on an...


  • London, United Kingdom CDP Full time

    With the successful launch of CDP’s new digital disclosure platform and the expansion of our technological capabilities, ensuring we have robust and dependable security infrastructure and practices that protect the data of our disclosers, and wider ecosystem, is essential to CDP’s long-term future. We are now embarking on an effort to build a new...


  • London, United Kingdom CDP Full time

    Job Purpose and Background In 2023, CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive, and vendor-dependent stack to a completely in-house developed, modernized, and scalable product that will revolutionize the customer experience for both external and internal users. As part of...


  • London, United Kingdom CDP Full time

    Job Purpose and BackgroundIn 2023, CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive, and vendor-dependent stack to a completely in-house developed, modernized, and scalable product that will revolutionize the customer experience for both external and internal users. As part of this...


  • London, United Kingdom Women in Payments Full time

    Blockchain.com is the world's leading software platform for digital assets. Offering the largest production blockchain platform in the world, we share the passion to code, create, and ultimately build an open, accessible and fair financial future, one piece of software at a time. The Global Head of Enterprise Risk position is a hands-on, high impact...


  • London, United Kingdom CDP Full time

    Job Purpose and Background in summary In 2023, CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive and vendor-dependent stack to a completely in-house developed, modernised and scalable product that will revolutionise the customer experience for both external and internal users. As...


  • London, United Kingdom CDP Full time

    Job Purpose and Background in summaryIn 2023, CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive and vendor-dependent stack to a completely in-house developed, modernised and scalable product that will revolutionise the customer experience for both external and internal users. As...


  • London, United Kingdom CDP Full time

    In 2023 CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive, and vendor-dependent stack to a completely in-house developed, modernized, and scalable product that will revolutionize the customer experience for both external and internal users. As part of this transformation, we built...


  • London, United Kingdom CDP Full time

    In 2023, CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive, and vendor-dependent stack to a completely in-house developed, modernized, and scalable product that will revolutionize the customer experience for both external and internal users. As part of this transformation, we also...


  • London, United Kingdom Blue Pelican Group Full time

    CRM Personalisation Specialist - CDP Location:Hybrid working, Central London offices, 10 days in every month. Salary:£45,000 - £50,000 plus 10% bonus, pension, healthcare, life assurance, etc. This is a chance to learn something new and jump into the world of CDPs with both feet. Taking the experience you have in creating data led campaigns, and applying...


  • London, United Kingdom CDP Full time

    Job Purpose and Background In 2023 CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive, and vendor-dependent stack to a completely in-house developed, modernized, and scalable product that will revolutionize the customer experience for both external and internal users. As part of...


  • London, United Kingdom CDP Full time

    Job Purpose and BackgroundIn 2023 CDP underwent a complete digital transformation, transitioning the annual disclosure cycle from a paper-based, human-intensive, and vendor-dependent stack to a completely in-house developed, modernized, and scalable product that will revolutionize the customer experience for both external and internal users. As part of this...


  • London, United Kingdom Bestmansolutions Full time

    We are seeking an exceptional Head of Security Architecture to join a FTSE 100 global organisation. This role is perfect for a senior professional with a strong background in complex, large-scale environments who thrives in leading and developing high-performing teams. As the Head of Security Architecture, you will shape the strategic direction of security...

  • Head of Tech

    7 days ago


    London, United Kingdom Evosearch Limited Full time

    London, United Kingdom | Posted on 07/11/2023 We are representing a rapidly expanding and ever-evolving global executive search firm, which has three arms to the business, providing executive talent to the FS/Quants, FinTech, and Commodities markets. With year-on-year growth, demand for their services has been increasing, and they have recently won a number...

  • Senior CDP

    1 week ago


    London, United Kingdom COREcruitment International Full time

    Job Title: Senior CDP – Luxury Boutique HotelSalary: £37,000 + Service chargeLocation: LondonI am recruiting for a Senior CDP to join this luxury boutique hotel in West London. As Senior CDP you will be responsible for all production and presentation of the dishes and will work closely with the Head Chef.About the venue and company Luxury boutique...


  • London, United Kingdom Barclay Simpson Full time €90,000

    Global security consultancy urgently seeks a Security Architect to work on enterprise level large government client projects. SC clearance eligibility is required for this role. The role will involve defining enterprise security architectures, and translating technology security requirements and business conditions into enterprise security architecture...


  • London, United Kingdom Barclay Simpson Full time

    Global security consultancy urgently seeks a Security Architect to work on enterprise level large government client projects. SC clearance eligibility is required for this role. The role will involve defining enterprise security architectures, and translating technology security requirements and business conditions into enterprise security architecture...


  • London, United Kingdom Bestmansolutions Full time

    We are seeking an exceptional Head of Security Architecture to join a FTSE 100 global organisation. This role is perfect for a senior professional with a strong background in complex, large-scale environments who thrives in leading and developing high-performing teams. As the Head of Security Architecture, you will shape the strategic direction of security...


  • London, United Kingdom Kaikosystems Full time

    DescriptionKaiko Systems revolutionizes the maritime industry with cutting-edge AI-driven solutions that optimize fleet health management and operational efficiency. Based in Berlin and rapidly expanding globally, we’re committed to making the maritime industry safer, smarter, and more collaborative.Your missionAs an Enterprise Sales Manager based in...