This job has expired

Principle Cyber Security and Compliance Officer

Employer
Hays.
Location
United Kingdom, Liverpool
Salary
Competitive
Closing date
1 Aug 2022

View more

You need to sign in or create an account to save a job.
Your new company

Join a public sector combined authority who work to make investments in areas that have a real impact on our communities, such as transport, employment, culture, digital and housing. My client is a combination of six local authorities in the area who work together to ensure everyone benefits from the decisions they make. They help the economy thrive for the good of everyone who lives and works here. If you want to make a difference in your community while also working for an innovative and digitally focused organisation, if you are excited about the challenge of leading the way for this organisation in their Cyber Security journey, and if you want to work for an organisation who lives and breathes doing the right thing, then this role is perfect for you.

Your new role

The primary focus of the post is six-fold:
  • To focus on securing the systems and data assets of the organisation
  • To develop, maintain and continually improve appropriate Cyber Security Controls, Procedures, and Internal Standards. Specifically, ensuring that the organisation achieves and retains assurance certifications such as Cyber Essentials Plus and the ISO/IEC 27000 family of standards.
  • To provide expert Cyber Security advice, guidance, and support to the entire organisation
  • To oversee and quality assure the handling of security incidents and problems
  • To contribute to the wider IT Team, guiding on security for all our services.
  • To be the “voice” of Cyber Security when liaising with other areas of the business; to lead by example; share knowledge and best practice guidance and to cultivate organisation wide ownership of Cyber Security matters.


The specifics:

  • Cyber Security:
    • Lead in establishing and maintaining the Cyber Security standards across the organisation, develop and document protocols and processes in response to identified risks. Work with colleagues across the business to implement the plans for any technologies or assets which are not compliant.
    • Play an active role in the development and maintenance of the organisation’s Technical Roadmap and IT Standards.
    • Develop, maintain, and implement Cyber Security incident response plans.
    • Research threats to the security of the data held by the organisation.
    • To lead the Patch Approval Board and advise members on the current threat landscape.
    • Stay abreast of the latest developments in Cyber and new approaches to threat mitigation and seek to embed them within the organisation.
  • Compliance
    • Lead in the development and continual implementation of IT technical controls relating to Cyber Security.
    • Manage and respond to cyber breaches or incidents to secure and restore services.
    • Take the lead in IT Cyber Security audits and assist the IT Governance Manager in all audit activities, deputising at meetings where required.
    • Assist in the review of current and new contracts to ensure Cyber Security elements are included.
    • Assist in investigations raised through the Information Security Incident Management system.
    • Assist with annual PCI-DSS Compliance assessments and activities.
  • Planning and Communication
    • Assist the IT Management Team in the development of reports for Executive Leadership Team.
    • Highlight the progress made and risks averted to IT Management Team.
    • Develop plans that ensure an effective organisational response to Cyber Security Incidents.
    • Assist IT Management in the production and maintenance of business continuity plans in relation to cyber related incidents.
    • Review and contribute to documentation in the Information Management Policy Framework in relation to Cyber Security.

What you'll need to succeed

  • Experience in a Cyber or Information Security role
  • Excellent interpersonal skills, with the ability to communicate technical ideas effectively to a non-technical audience
  • Ability to influence others and develop and maintain effective working relationships with staff at all levels
  • An industry standard Cyber/Information Security qualification e.g. CISM/CISSP
  • Ability to prioritise your workload and work to conflicting deadlines
  • Be a self-starter and able to work on their own initiative to drive organisational change around Cyber Security
  • Work effectively and efficiently from home and in the office


We seek demonstrable experience in the following areas:

  • Developing Cyber Security plans and implementing processes to support
  • Working in a technically diverse IT estate (physical, virtual, network, data centres, applications servers, web servers, cloud connectivity)
  • Security tools within the Microsoft 365 suite
  • IT Service Management processes


The following are desirable attributes:
  • Experience of working in a hybrid cloud/on-premise based environment
  • Experience of working with third party incident response specialists
  • Good understanding of LAN/WAN networking
  • ITIL v3/4 Foundation

What you'll get in return

  • Starting salary £42,321 which can rise to £46,247 over time
  • Local government pension scheme
  • 35-hour week Monday to Friday, working flexibly between the hours of 07:00 and 19:00, working in a hybrid manner from home and from our headquarters in Liverpool
  • Flexi-scheme which provides the facility to take compensatory time off for additional hours worked upon approval from the line manager
  • Holiday entitlement of 28 days, which increases after 5 years’ service. Bank holidays are in addition to this
  • Free travel on public transport (bus, rail, ferry) within Merseyside
  • Wide range of learning and development opportunities

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert