Job Reference: BBBH48185
Job Duration: 12 Months
Start date: ASAP
Description:
Chief Information Security Officer
London, Bristol OR Manchester (1-2 days per week on-site)
Day rates: £1000-1100 per day
12 months
INSIDE IR35
Concept Resourcing are looking for a Chief Information Security Officer to join a Central Government client based in London/Bristol OR Manchester.
This is an initial 12 month contract with a possible extension. The role is INSIDE IR35. Day rates between £1000-1100 per day, depending on experience.
The ideal candidate must have the following experience;
* Must have active SC Clearance
* Ideally experience in both central government and large private sector organisations
* Have an understanding of best practice for Governance, Risk and Compliance (GRC) within Information Security and risk management, which could include knowledge of relevant standards such as ISO/IEC 27001, PCI-DSS and NIST CSF. However the primary reference point for this client will be the NCSC's Cyber Assessment Framework.
* Demonstrate a depth of experience around cyber operations including vulnerability management, endpoint protection, firewalls, IDS/IPS, Identity and access management, SIEM and SOC.
* Have significant experience of embedding cyber security approaches within the Software Development Life Cycle.
* Be up to date with, and current experience of, the security aspects of digitisation initiatives such as remote working and cloud migration.
* Understand the threat landscape in broad principles, and how existing or emerging threats to assets can be used to inform decisions. Maintain close and productive relationships with relevant government agencies. We would expect this to extend to risk assessmentand risk management theory and approaches.
* Be able to demonstrate organisation wide influence and changes in attitudes towards information risk and cyber security, including at the most senior levels.
* Have experience in developing and implementingsecurity policies, procedures, and guidelines
* Have demonstrable experience in managing security teams/capabilities to support the mitigation of risks, these will need to adapt to our delivery needs.
* Be well networked in the cyber security space egwith other CISO peers as well as relevant industry or government qualifications and institutional memberships.
* Hold professional certifications and qualifications demonstrating managerial and technical competence within Cyber Security. Aligned to professional standards defined by the UK Cyber Security Council.
This role is part of the Government Security Profession, for thisrole the minimum skill expectations required are:
Protective Security
* Leads innovation in protective security, takinginto account other specialisms/enablers and business drivers
* Promotes the development of individuals against the career framework
* Promotes the use of protective security as a business enabler at board or senior management level Is an active memberof the UK security community
Threat Understanding
* Describes specific threats and how they may manifest themselves in alocal environment
* Maintains understanding of local threat environment and can apply to inform and provide context for wideractivities
* Uses local threat information in decision-making and planning
* Demonstrates knowledge of current threats and trends affecting the landscape
Risk understanding and mitigation
* Describes the basic principles of risk understanding and mitigation
* Supports security professionals in carrying out risk assessments and developing mitigation strategies
* Follows documented principles and guidelines for risk understanding and mitigation
RECOMMENDATIONS: - If you have professional friends/colleagues who would be interested in one of our roles and our excellent levels of service too, we'd like to recognise yourrecommendations with our referral scheme.
Industry: IT
Salary: £1000 - £1100 per day
Salary Benefits:
Vacancy Type: Contract
Job Skills: CISO, NCSC, Cyber Security, Information Security, Risk Management, ISO/NIST/CAF/PCI
Contact Name: Daniel Speake
Website: -
Direct Application URL: -