Chief Information Security Officer

Job Description

This is a new role within the UKCloud business the role will the responsible for creating, owning and overseeing the implementation of a holistic Cyber Security and Information Assurance Strategy, providing guidance and assurance to the UKCloud Board. The CISO will also have ownership for the security architecture across all UKCloud platforms, solutions and services, ensuring that they comply with international, national, customer and UKCloud policies, standards, guidelines and design patterns.Chief Information Security Officer Responsibilities:Assess and understand the companys current security posture and future architecture, providing recommendations for improvement and risk reductionProvide robust direction across UKCloud’s suppliers and business partners on cyber security standards, requirements and defining acceptable risk positions.As subject matter expert for operational security, youll provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge through publications, events and training.Working collaboratively with other technology architects to ensure that security is adopted and properly embedded in their respective technology domainsDesign and specification of new security technologies that the organisation may wish to adopt or productise for customers which support business strategies & goalsEnsuring effective monitoring and reporting is present across all business areas to manage security incidents and information security vulnerabilities and threats.Set direction for technical activity in support of cyber investigations.Supporting the framework of risk assessments and audit activities managed by the UKCloud Compliance Team, conduct assessments of current IT security practices and systems, identifying areas for improvement.Manage external technical security assessments (e.g.ITSHC/CHECK) and remedial-activitiesChief Information Security Officer Requirements:Strong experience with security strategy, with a passion to make security realistic and achievableExperience of producing strategy documents and security architecture design documents.Extensive experience in the development and implementation of security strategy, policies, standards and procedures.At least 10 years of broad security experience, with a relevant general security qualification (e.g. CISSP, CRISC, CISM).Highly experienced in interpreting & implementing HMG security policy.At least 10 years of experience developing security architecture, with a relevant senior security architecture qualification (e.g. CCP Senior Security Architect).At least 5 years of experience in risk assessment and risk management, with a relevant risk management qualification (e.g. CCP SIRA).Extensive experience in working on or with high assurance systems across HMG.Experience in providing board-level representation of security.Extensive experience in security incident response.Extensive experience in managing the conduct of Security IT Health Checks (ITHC) and remedial activities.A solid understanding of securely handling sensitive data, including data valuation and interpretation of GDPR, DPA and other relevant legal instruments.Experience with leading cloud platforms and provider ecosystems.Experience with multivendor solutions across a broad portfolio of technologies and products.About UKCloud:UKCloud provides an unbeatable, secure UK public cloud. Focused solely on serving the UK Public Sector. We are committed to assurance and security while delivering flexible, agile and value-based cloud hosting to our customers.Formed in 2012, UKCloud is based in Farnborough (Hampshire) and Corsham (Wiltshire). We have a team of 200 people and we continue to grow! We are looking for people who want a rewarding career in a business who truly invest in you as an individual.Location: Farnborough, HampshireSalary: CompetitiveJob type: Permanent, full timeBenefits: Competitive salary and bonus scheme. 25 days holiday increasing to 30 days over length of service, half a day birthday leave, charity day. Contributory pension. Healthcare. Life cover. Access to free parking. Active social and charity events. Cycle to work scheme. Onsite facilities - Friday breakfasts, fruit and soft drinks.UKCloud is an equal opportunities employer and positively encourages applications from suitably qualified and eligible applicants. Applicants must be eligible to work and live in the UK and will be required to undergo and maintain appropriate UK government security clearance.You may have experience of the following: Information Security Officer, Information Security Analyst, Engineer, Technician. Security Operations Centre Analyst, Security Operations Centre Manager, ISO270001, ITIL, Cyber Security, IT Security Manager, Computer Forensics, Vulnerability Analysis, Threat Detection, Penetration Testing, Risk Analysis, Cyber Security Analyst, etc.Ref: 94818