Information security leadership for creative practice
Embedding security controls in sdlc shift-left practices
Managing security risks for cloud and on-premises infrastructure
This role leads information security for the Creative Practice Area, embedding security capability directly into product and service operations
Job Summary
This role leads information security for the Creative Practice Area, embedding security capability directly into product and service operations.
The position requires embedding security controls and patterns into all stages of the secure development lifecycle with a focus on shift-left practices.
Candidates must provide security assurance for key applications, manage vulnerabilities from multiple sources, and support client security requests including RFIs and audits.
Matching Summary
This role leads information security for the Creative Practice Area, embedding security capability directly into product and service operations.
Skills & Requirements
Must-have
Information security leadership for creative practice
Embedding security controls in SDLC shift-left practices
Managing security risks for cloud and on-premises infrastructure
Conducting security assurance and vulnerability assessments
Supporting incident response and client security audits
Nice-to-have
Strong stakeholder management in matrixed organizations
Experience with modern cloud-native architectures
Ability to influence technical and non-technical audiences
Comfortable managing uncertainty and ambiguity
Excellent written communication for risk briefs
Key Requirements
CISSP or CISM certification (or equivalent)
Experience with OWASP Top 10 security issues
Knowledge of ISO 27001, NIST CSF, SOC2 frameworks
Proven expertise in security risk assessment for technical products
Practical experience embedding security early in SDLC