Head of Cybersecurity

JLA Group is a leading provider of mission-critical infrastructure solutions, offering a range of services including laundry, catering, heating, fire safety, infection control, and air conditioning. As a company that values security and compliance, we are seeking an experienced Information Security professional to join our team.

The successful candidate will be responsible for developing and implementing our information security strategy, including policies, procedures, and tools designed to protect our enterprise communications, systems, and assets from both internal and external threats. This will involve working closely with our business units to facilitate risk assessment and risk management processes, as well as ensuring compliance with relevant security policies, standards, regulations, and laws.

• Develop and implement a comprehensive information security strategy, including policies, procedures, and tools.
• Work with business units to facilitate risk assessment and risk management processes.
• Ensure compliance with relevant security policies, standards, regulations, and laws.
• Oversee the approval, training, and dissemination of security policies and practices.
• Take responsibility for statutory attestations and achieving key information security accreditations.
• Develop and manage the cross-functional information security incident response team and ensure efficient and effective incident management processes are in place.
• Monitor the security and compliance environment continuously, managing third-party vendors and monitoring tools.

• Proven ability to develop and execute a comprehensive information security strategy.
• Proven experience in developing and managing security policies and procedures.
• Experience with cloud security, in particular Azure and hybrid Azure environments.
• Strong working knowledge of the Azure Entra and Microsoft Security and Compliance tools, and applying these across M365.
• In-depth knowledge of information security frameworks (e.g., ISO 27001, NIST).
• Strong understanding of relevant legal and regulatory requirements, such as GDPR, and PCI-DSS.
• Excellent leadership, communication, and project management skills.
• Ability to handle high-stress situations and make sound decisions under pressure.

• Bachelor's degree in Computer Science, Information Systems, or a related field.
• Minimum of 10 years of experience in a combination of risk management, information security, and IT roles.
• At least 3 years in a senior information security role.

The ideal candidate will have one or more of the following certifications: CISSP, CISM, or CRISC. Other relevant certifications are a plus.