| London Jobs |
| Manchester Jobs |
| Liverpool Jobs |
| Nottingham Jobs |
| Birmingham Jobs |
| Cambridge Jobs |
| Glasgow Jobs |
| Bristol Jobs |
| Wales Jobs |
| London Jobs |
| Manchester Jobs |
| Liverpool Jobs |
| Nottingham Jobs |
| Birmingham Jobs |
| Cambridge Jobs |
| Glasgow Jobs |
| Bristol Jobs |
| Wales Jobs |
| Oil & Gas Jobs |
| Banking Jobs |
| Construction Jobs |
| Top Management Jobs |
| IT - Software Jobs |
| Medical Healthcare Jobs |
| Purchase / Logistics Jobs |
| Sales |
| Ajax Jobs |
| Designing Jobs |
| ASP .NET Jobs |
| Java Jobs |
| MySQL Jobs |
| Sap hr Jobs |
| Software Testing Jobs |
| Html Jobs |
| Job Location | Greater Manchester |
| Education | Not Mentioned |
| Salary | Competitive salary |
| Industry | Not Mentioned |
| Functional Area | Not Mentioned |
| Job Type | Permanent, full-time |
Cloud Senior Information Security OfficerBand 2Type of contract: Full Time, permanentSalary: £60,188 to £70,217 per annumNationality Requirements:UK nationalsnationals of Commonwealth countries who have the right to work in the UKnationals from the EU, EEA or Switzerland with (or eligible for) status under the European Union Settlement Scheme (EUSS)Please note, we are not able to sponsor work visas. Please contact us at .uk should you have any questions on your nationality eligibility.Why are we recruiting for this roleThe NAO is expanding its Information Security team to support the evolving needs of the business and enable continuous improvement in response to an ever-changing threat landscape. The continued adoption of cloud services changes how organisations identify, protect, detect, respond and recover from threats and risks; whilst maintaining continuous assurance and delivering continuous improvement of our security posture and risk profile in support of our ambition of being an exemplar organisation.Who are the teamThe Senior Information Security Officer is an integral role in the ongoing development and continuous improvement of the NAOs "Cloud First" strategy. Youll play a key role in identifying, evaluating, measuring and managing cyber risks; and be responsible for supporting the continuous assurance and continuous improvement of our security posture and risk profile.The Senior Information Security Officer role sits within a diverse, inclusive, respectful and agile team of information security professionals; responsible for enabling the business to better understand, identify and manage the threats and risks that impact the NAOs ability to deliver on its vision and strategy.What are the main responsibilities of this roleThe Senior Information Security Officer role primarily focuses on the following key areas of responsibility:• Information Assurance - Evaluate and asses existing cloud security controls in accordance with the NAOs ISO27001 certified Information Security Management System; providing assurance to key stakeholders around our security posture and risk profile, supported by appropriate and proportion recommendations around how the NAO can drive continuous improvement.• Risk Management - Proactively identifying, evaluating, assessing and reporting on risks that impact the NAOs ability to deliver on its vision and strategy; working with key stakeholder groups in the delivery of appropriate and proportionate mitigations that continuously improve the NAOs risk profile.• Continuous Improvement - Support the NAOs commitment to information security by supporting the continuous improvement of our cloud security controls in response to the ever-changing threat, business and regulatory landscape.The successful Senior Information Security Officer will have the opportunity to develop and grow in field such as security testing, audit, assurance and ISO27001. Furthermore, you will have the opportunity to influence the direction of our Information Security Strategy; as we support the business in delivering on its strategic objective(s) of being an exemplar organisation.About the National Audit OfficeThe National Audit Office (NAO) supports parliament to hold government to account and to improve public services. We focus on driving long-term sustainable improvement in public service delivery and work with government and our stakeholders to deliver better performance. In a nutshell, we help the nation spend wisely.The NAO welcomes applications from everyone. We value diversity in all its forms and the difference it makes to our organisation. By removing barriers and creating an inclusive culture all our people have the opportunity to develop and maximise their full potential. As members of the Business Disability Forum and the Disability Confident Scheme we guarantee to interview all disabled applicants who meet the minimum criteria. The NAO supports flexible working and is happy to discuss this with you at application stage.Relationships:• Reporting to: Head of Information Security• Internal relationships: Critical relationships with Information Security peers, Digital Services, IT Operations and project teams.• External: Suppliers, vendors, and peers in similar organisations.• Resources Managed: NoneResponsibilities Information Assurance• Discover, validate and drive remediation of security threats, risks, vulnerabilities and configuration gaps that may exist across NAO cloud services.• Evaluate and assess existing security controls in accordance with the NAOs ISO27001 certified Information Security Management System• Develop and maintain a schedule for the ongoing assessment of security controls, seeking opportunities to leverage automation to enable a continuous assurance culture.• Support the ongoing assurance of suppliers and cloud service provider (CSPs), advising on cloud specific regulatory risks or regulatory requirements relating to cloud assurance• Proactively identify, evaluate, document and report on areas of non-compliance and non-conformity to key stakeholdersRisk Management• Proactively identify, evaluate and assess threats and risks that may impact the NAOs ability to deliver on its vision and strategy• Clearly communicate risks to key stakeholders with recommendations on appropriate and proportionate mitigations• Contribute to the management and maintenance of the Information Security Risk Register• Manage and coordinate the delivery of appropriate and proportionate mitigations in accordance with theInformation Security Continuous Improvement PlanContinuous Improvement• Identify, develop, implement and continuously improve appropriate and proportionate cloud security controls in response to an evolving threat landscape• Work in collaboration with the wider Information Security and Digital Services teams in the continuousimprovement of cloud controls, policies and standards; as part of our ISO27001 certified Information Security Management System• Promote, evangelise and support the continuous improvement of cloud security controls; empowering the business in the continued application of "security and privacy by default" principles• Support the delivery of the proactive communications and security awareness campaigns to key stakeholder groups across the business.• Support the delivery and continuous improvement of the NAO Information Security Strategy• Support the wider business in the delivery of strategic business changes and technical projects• Deliver and maintain documentation and procedures to ensure effective, ongoing management of our Information Security Management System.• Most importantly of all being curious, seeking to learn and striving for excellenceSkills required Experience• Demonstrable, technical background working in an information security, cyber security or security leadership role within a fast paced and dynamic environment• Demonstrable experience contributing to the delivery of and cont