Head of Information Security
No salary information
C-Level / Manager · Full-time
#308672 · Added about 2 months ago · 51
Source: Testronic
Tech Stack / Keywords
Security, Embedded, SIEM, Testing, Cybersecurity, Architecture, Network, Cloud
Company and position
Testronic is a global QA partner dedicated to empowering the next level in play. For over 25 years, it has served as a trusted extension of developer and publisher teams, focusing on player-centered, partner-first, and outcomes-led approaches to help clients achieve success. The company works with highly confidential pre-release game and media content provided by leading entertainment companies.
Requirements
- Strong experience in information security, cybersecurity, or security governance, including leadership or ownership of security programs in global organizations.
- Proven experience owning and managing an ISO 27001 certification program and working with security audits.
- Strong understanding of security architecture and controls, including network security, SIEM monitoring, vulnerability management, and cloud security.
- Solid knowledge of modern cyber threats, hacking techniques, and data exfiltration risks, and how to mitigate them.
- Experience managing security compliance frameworks, risk management processes, and security governance programs.
- Ability to balance security requirements with business needs in a fast-moving and client-focused environment.
- Strong stakeholder management and communication skills, including working with both technical and non-technical teams.
Education & Certifications:
- University degree in Cybersecurity, Information Technology, or a related field.
- Relevant certifications such as CISSP, CISM, CEH, or similar.
- Audit-related certifications such as ISO 27001 Lead Auditor or CIA are a plus.
Responsibilities
- Develop and maintain the company’s information security strategy and roadmap, continuously improving security posture while supporting business and client needs.
- Own and maintain the ISO 27001 certification program, including internal and external audits and compliance activities.
- Ensure compliance with internal policies, GDPR, and client contractual security requirements across all locations.
- Act as the custodian of security policies and standards, ensuring alignment with ISO 27001 and evolving business needs.
- Oversee incident management, vulnerability management, and SIEM monitoring, ensuring effective processes and controls are in place.
- Coordinate penetration testing, vulnerability remediation, and internal security assessments together with IT teams.
- Manage risk management processes, including maintaining risk registers and reporting to senior leadership.
- Support client security audits and assessments, providing transparency and assurance regarding the security environment.
- Act as a security advisor for internal projects, ensuring security requirements are integrated into IT and business initiatives.
- Drive security awareness across the organization, supporting stakeholders in understanding and following security requirements.
- Maintain documentation and evidence required for compliance, audits, and reporting.
- Establish and track security KPIs and KRIs to monitor the effectiveness of the security program.
Offer
- Full-time contract.
- Hybrid work model (Warsaw).
- Medical healthcare and Multisport card.
- Stable employment and professional growth in an international environment.
- Opportunity to shape and further develop the company’s global information security program.
- Friendly and open-minded teams.
Healthcare
Sports card
Testronic Sp. z o.o.