Chief Information Security Officer (CISO)

Warrington, UK
18 Oct 2019
31 Oct 2019
Contract Type: Full Time
Key Accountabilities
  • Lead and manage the NNL CS&IA Team.
  • Monitor the competence of NNL personnel and contractors engaged in CS&IA roles.
  • Be an evangelist for CS&IA within the business and wider industry and initiate/support new NNL business opportunities.
  • Maintain a positive working relationship with the Office for Nuclear Regulation and the Nuclear Cyber Security Centre.
  • Represent NNL at all appropriate industry, government and general CS&IA forums, committees and conferences.
  • Coordinate with other NNL Security personnel as required, and provide support to Security Liaison Officers and Information Asset Owners.
  • Develop and enhance internal relationships with the business on behalf of the CS&IA Team and the wider IT department.
  • Develop and maintain the NNL CS&IA Strategy and Plan.
  • Ensure CS&IA Aims and Objectives are aligned to those of the IT Department and the wider business.
  • Develop and maintain CS&IA governance.
  • Provide advice to NNL business units on the secure design of solutions and projects.
  • Ensure that CS&IA controls within new projects are proportionate, appropriate, cost effective and effective.
  • Ensure that NNL is compliant with all CS&IA requirements of applicable legislation.
  • Ensure that NNL maintains certification to ISO27001 and Cyber Essentials.
  • Provide assurance to the Senior Information Risk Owner and wider Executive Management Team on the status of the CS&IA controls.
  • Assure the delivery of CS&IA security controls (personnel, physical, procedural and technical) within NNL and the supply chain.
  • Provide accreditation to NNL systems within the limits of delegated risk.
  • Manage the Security Aspects Letter (SAL) process.
  • Ensure that remedial actions are implemented in response to identified vulnerabilities.
  • Ensure that NNL, and particularly CS&IA practitioners, are aware of emerging threats and vulnerabilities.
  • Develop and manage the CS&IA Risk Management Framework.
  • Ensure that appropriate CS&IA Awareness training is provided to all NNL staff and contractors/agency support workers.
  • Lead the response to CS&IA incidents.
  • Ensure the functional delivery of security defensive monitoring by the NNL contracted Security Operations Centre (SOC).
  • Plan and exercise for CS&IA resilience.
  • Manage investigations into CS&IA breaches.
  • Undertake the role of Partner Security Officer for the FOXHOUND/ROSA network.
  • Act as Deputy Data Protection Officer with specific responsibility for the protection of personal data.
  • Undertake the role of NNL Communications Security Officer (ComSyO).

Essential Requirements
  • UK National
  • A credible security professional with 10 years' experience within information and cyber security
  • CISM or C-CISO
  • ISO27001 Lead Auditor or Lead Implementor
  • NCSC Certified Professional, Senior Practitioner, SIRA
  • Recognised GDPR Practitioner Course
  • Experience of securing cloud environments
  • Experience of managing security
  • Demonstrable security leadership experience
  • Good communication skills
  • Good problem solver
  • Experience of managing security requirements through project lifecycles
  • Management of accreditation activities
  • Experience of working in a highly regulated environment

Desirable Requirements
  • Full Membership of IISP or Security Institute
  • Post Graduate Degree in Information and Cyber Security discipline
  • Recognised Cryptographic Materials Management Course
  • Experience of securing operational technology
  • CCSP
  • Experience of delivering cyber security and information assurance within the civil nuclear industry
  • Experience of managing security in the supply chain

Capita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.

Capita Resourcing is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us.
