Chief Information Security Officer (CISO)
Are you a Chief Information Security Officer looking for a new challenge? If so, please get in touch for a confidential chat. My client is looking to hire an experienced CISO to lead security across one of their major programmes, details of which can be discussed on a call.
As CISO you will be responsible for:
- Setting the overall approach to security for the Programme, including the relevant process controls and technical controls.
- Identifying and managing all relevant security processes including SyOps, RMADS and other security processes including audit and accreditation.
- Providing direction for the operational security management team.
- Providing operational oversight of the Security Operations Centre (SOC) and management of security incidents.
- Ensuring that relevant security controls are implemented within other work streams.
- Working with other members of the team to ensure that the relevant security controls can be delivered within the allocated time and cost budgets.
- Managing the security aspects of the Programme supply chain through third party suppliers.
This is a business-focused, customer facing role which would suit someone with both technical and business/managerial skills.
You should be comfortable:
- Dealing with key customer decision makers such as IT Directors, Programme Managers and Partners.
- Working as part of a virtual matrix management team, reporting into a number of people including business line managers, solution owners and project leads.
- Shaping proposals to be commercially acceptable to the customer and able to make security trade-offs as required.
- Contributing to customers security architectures, designing new solutions of significant size and complexity.
- Managing the work of other SMEs contributing to the design, implementation and operation of the network services.
- Taking responsibility for security input to security accreditation and business management meetings.
- CESG Certified Professional (CCP) SIRA or Security Architect (Practitioner).
- Policies (including JSP440 and JSP604) and CESG Architecture Patterns at all Government security classifications.
- Candidates must demonstrate an ability to coordinate security across a complex programme, liaising with key stakeholders, providing technical security advice, and managing teams
- Well-developed leadership, management and consulting skills
- Knowledge and experience of HMG Security Accreditation and governance processes.
- Deep IA knowledge and experience of working to the highest levels of HMG security
- Strong communication and technical writing skills.
- Thorough knowledge of security technologies and associated products
- Expert in Risk methodologies and tools
- Customer and business focused
- Ability to control teams and ensure delivery
The work will be mainly based in Basingstoke office but some travel to customer sites will be necessary.
Due to the nature of the work, the successful candidate will need to be Security Cleared to SC level prior to starting.
Project People is acting as an Employment Agency in relation to this vacancy.