Job Vacancy Chief Information Security Officer - DBT - SCS1

Location


, , , , , , .


About the job


Job summary

The Department for Business and Trade's Digital, Data & Technology directorate are 550 colleagues committed to delivering a wide array of high quality services, tools and capabilities to support the department's objectives. As we mature after a period of rapid growth, this is an exciting opportunity to shape the evolution of our Cyber-Security team as the first CISO in the department. You will play a key role in protecting critical national infrastructure that is essential to ensuring goods cross our borders and businesses flourish.

You will join a kind and supportive culture that works in a matrix model aligned to the Government Digital Service's capability framework. The Cyber team are key to our work whether it is building, buying or delivering digital, data and technology services.

Job description

The Chief Information Security officer creates an environment and culture in the department that ensures the security of its information and technology. They enable the department to achieve its objectives and deliver services in a safe and secure way.

The Chief Information Security officer role is part of both the Government Digital and Data profession and the Government Security profession.

In this role, you will:

• Create a strategy for information and cyber security that supports both the departments strategy and wider government security strategy?
• Lead the department in implementing the information and cyber security strategy?
• Evaluate the current status and maturity of information and cyber security in the department ?
• Determine how to get to the level of information and cyber security maturity the department needs?
• Understand risks across the department and advise leaders on how to mitigate risks in their areas and in future plans?
• Enable the department to be innovative in a safe and secure way?
• Ensure the department is prepared for cyber attacks and can detect, respond to and recover from an attack?
• Ensure that information and cyber security aspects of crisis management are effective?
• Encourage a culture of cyber security awareness and good security practices?
• Implement practices to increase the maturity of information and cyber security

Person specification

You must demonstrate experience of collaborative leadership and stakeholder management and meet the following Cyber experience:

• Strategic Cyber Security Planning.?
• Cyber Security Governance.?
• Cyber Risk Management.?
• Security Architecture.?
• Cyber Incident Management.?

Details of the criteria listed above can be found on the