Head of Cyber Security

Job Title: Head Cyber Security Technology

Location: Address: Reading/Havant

Mode of working: Hybrid (2 to 3 Days in the Office)

Duration: 6+ Months contract initially

SECURITY CLEARANCE LEVEL REQUIRED

BS7858

Description:

• We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the client Group and deputise for the Group Chief Information Security Officer.
• The role holder will lead a small team to drive IT and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT.

Responsibilities:

• Develop and maintain the enterprise cyber security architecture for the Group including development of enterprise architecture standards and patterns that address the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects.
• Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge of security assurance to critical IT security projects and programmes.
• Lead clients Secure by Design approach and provide technical expertise and support for the development and implementation of cyber security policies and architecture standards and patterns.
• Define and manage a security tooling roadmap to ensure the implementation of effective security controls and technologies and regularly update cyber security technical strategies including emerging innovation and technological advancements.
• Establish and enhance a cyber resilience capability and exercising capability working with all of the Business Units and the Group wide resilience function including working with the National Energy System Operator on cyber resilience.

Skills:

• Enterprise security architecture expertise and ability to understand and advise on the strategic direction for cyber security in IT and OT implementations advising programmes and projects with pragmatic best practice advice.
• A deep understanding of network security, OT and IT security, application security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443.
• Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT and engineering professionals and experience in interacting with C level executives.