IT Cyber security and Risk Lead
IMMEDIATE START - 12 MONTHS FIXED TERM CONTRACT
The IT Cyber security and Risk Lead is responsible for establishing and maintaining a corporate-wide cyber security management program to ensure that information assets are adequately protected.
This position is responsible for identifying, evaluating and reporting on cyber security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.
The IT Cyber security and Risk Lead position requires a leader with sound knowledge of business management and a working knowledge of information/cyber security technologies.
The IT Cyber security and Risk Lead will proactively work with business units to implement practices that meet defined policies and standards for information/cyber security. You will also oversee a variety of IT-related risk management activities.
The IT Cyber security and Risk Lead serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organisation's cyber security policies.
A key element of the IT Cyber security and Risk Lead's role is working with executive management and specifically the SIRO to determine acceptable levels of risk for the organisation. The IT Cyber security and Risk Lead must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
Degree level education or equivalent
Postgraduate qualification or evidence of pursuit of further professional qualifications (e.g. CIPS, ITIL and COBIT)
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
Experience in a combination of risk management, information security and IT jobs. At least four must be in a senior leadership role. Employment history must demonstrate increasing levels of responsibility.
Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT
Knowledge and understanding of relevant legal and regulatory requirements, such as the Computer Misuse Act, Data Protection Act, etc.
Deep knowledge of IT Security and Healthcare Technologies
Knowledge and understanding of NHS compliance requirements including the IG Toolkit
Strong project and process management skills, with the ability to handle multiple stakeholders, as well as a wide range of tasks
Experience with contract and vendor negotiations.
Where applicable, understanding of government and industry regulations that will influence contracting approach and vendor behaviour
Financial or Budgetary responsibilities - Previously responsible for a budget, involved in budget setting and working knowledge of financial processes
For further details, please contact the Guildford, Tate office