IT Cyber security and Risk Lead

Tate Guildford
Guildford, Surrey
21 Jul 2017
20 Aug 2017
Contract Type: Full Time

The IT Cyber security and Risk Lead is responsible for establishing and maintaining a corporate-wide cyber security management program to ensure that information assets are adequately protected.

This position is responsible for identifying, evaluating and reporting on cyber security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.

The IT Cyber security and Risk Lead position requires a leader with sound knowledge of business management and a working knowledge of information/cyber security technologies.

The IT Cyber security and Risk Lead will proactively work with business units to implement practices that meet defined policies and standards for information/cyber security. You will also oversee a variety of IT-related risk management activities.

The IT Cyber security and Risk Lead serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organisation's cyber security policies.

A key element of the IT Cyber security and Risk Lead's role is working with executive management and specifically the SIRO to determine acceptable levels of risk for the organisation. The IT Cyber security and Risk Lead must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.


Degree level education or equivalent

Postgraduate qualification or evidence of pursuit of further professional qualifications (e.g. CIPS, ITIL and COBIT)

Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials

Experience in a combination of risk management, information security and IT jobs. At least four must be in a senior leadership role. Employment history must demonstrate increasing levels of responsibility.

Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.

Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT

Knowledge and understanding of relevant legal and regulatory requirements, such as Computer Misuse Act, Data Protection Act etc.

Deep knowledge of IT Security and Healthcare Technologies

Knowledge and understanding of NHS compliance requirements including the IG Toolkit

Strong project and process management skills, with the ability to handle multiple stakeholders, as well as a wide range of tasks

Experience with contract and vendor negotiations.

Where applicable, understanding of government and industry regulations that will influence contracting approach and vendor behaviour

Financial or Budgetary responsibilities - Previously responsible for a budget, involved in budget setting and working knowledge of financial processes

For further details, please contact the Guildford, Tate office