Offre d'emploi Deputy Director Chief Information Security Officer - GCHQ - SCS1

The UK Intelligence Community (UKIC) is seeking an outstanding Chief Information Security Officer (CISO) to lead cyber security and information governance across some of the nation’s most sensitive missions. Accountable to the UKIC Infosec Director, this is one of the most high-profile technical leadership roles in government, shaping the strategic direction of information security to protect the UK against the most capable and persistent adversaries. The successful candidate will ensure operational resilience and secure innovation in support of national intelligence objectives, delivering results in a highly complex and rapidly evolving environment.

As CISO, you will work with colleagues to set and implement the organisation’s cyber and information security strategy, striking the right balance between capability, acceptable risk and technological progress. You will integrate security governance into a complex set of cross agency organisational decision-making, forums ensuring that information risks are managed effectively and proportionately, and that security is embedded at every level. This includes advising executive boards and senior leaders on the potential implications of major programmes, and guiding the organisations in safely embracing innovation and digital transformation.

You will be responsible for designing and leading the UKIC’s end-to-end risk management framework. This includes defining and tracking cybersecurity KPIs, producing regular reports for senior stakeholders, conducting organisation-wide risk assessments and overseeing vulnerability management to ensure compliance with relevant frameworks. You will be responsible for designing incident response and business continuity strategies and ensuring they are implemented by business areas. Your leadership will be central to developing sustainable security budgets and resourcing strategies that ensure capabilities remain strong in the face of emerging threats.

This role demands exceptional communication skills and the ability to influence at the highest levels of government. You must be confident presenting complex security concepts to both technical and non-technical audiences, including boards, ministers and cross-government stakeholders. You will draw on significant experience delivering robust security strategies in complex organisations and demonstrate deep knowledge of cyber threat landscapes, risk management practices and modern security technologies. International relationships are a critical element of this role, so familiarity working with key allied governments would be valuable.

You should bring expertise in securing cloud environments and emerging technologies within digital transformation programmes, alongside a strong understanding of regulatory compliance frameworks such as NIST, ISO 27001, GDPR and GovS 007. Professional certifications such as CISSP, CISM or CCISO are highly desirable. A proven track record in embedding a positive security culture, mentoring high-performing teams and managing supplier security will be critical to your success.

This is a unique opportunity to take on one of the most influential cyber security leadership roles in the UK. Protecting the nation’s intelligence capabilities requires vision, strategic acumen and operational excellence. If you are ready to take on this challenge, and have the skills, integrity and commitment to safeguard national security, we invite you to join us in delivering a secure future for UK intelligence.

The role can be based in Cheltenham, Manchester or London, with a regular presence required in those locations. The ability to undertake occasional international travel is desirable. 

Key Responsibilities

• Develop, maintain and articulate a clear understanding of the cyber and information security risks inherent across the whole organisation in order to provide assurance to the UKIC Group Senior information risk owner (SIRO).  

• Create and implement information security strategy which supports the organisation in determining the right balance between the organisation's cyber and information security capabilities, acceptable level of risk and speed of technology progress.

• Ensure an effective cyber and information security governance framework that is integrated with overall organisational governance.

• Define and track cybersecurity KPIs, producing regular executive and board level reports on security posture.

• Enable the organisation to innovate safely by advising senior leadership on the potential risks and implications of major decisions that impact information security.

• Oversee the creation and implementation of relevant policies and standards which ensure effective information risk management.

• Identify and deliver opportunities for improvement of the security operations function to ensure timely detection and response to security incidents.

• Lead and mentor high performing information security professionals, fostering a culture of professional development.

• Play a leading role in multiple Technical and programme boards.

• Work closely with stakeholders from across the UK Intelligence Community to ensure an end-to-end approach to cyber security and ensure that cyber security is embedded at all levels.