Warning
This job advert has expired and applications have closed.
89685 - Deputy CISO
| Posting date: | 13 August 2024 |
|---|---|
| Salary: | £66,314 to £80,370 per year |
| Additional salary information: | The national salary range is £66,314 - £75,810, London salary range is £70,303 - £80,370. Your salary will be dependent on your base location |
| Hours: | Full time |
| Closing date: | 30 August 2024 |
| Location: | UK |
| Remote working: | Hybrid - work remotely up to 2 days per week |
| Company: | Ministry of Justice |
| Job type: | Permanent |
| Job reference: | 89685 |
Summary
Deputy Chief Information Security Officer (CISO)
The MoJ Information Security Team sits at the heart of the Ministry of Justice. We enable good security practices through the provision of security policies, guidance and education, understand information security risks from all parts of the organisation and provide assurance to senior leaders that these risks are being effectively managed in the delivery of MoJ’s objectives.
As the Deputy CISO you will help to coordinate the Office of the CISO within the MoJ Information Security Team and will be empowered to act as the MoJ CISO when the CISO is unavailable. The Deputy CISO will provide advice and guidance on security issues for the MoJ, working with senior leaders across the department, and supporting our team as we work with different boards and committees.
One of the largest parts of your role will be in security education awareness and culture, helping to drive a positive and just security culture across the entire department. You will lead the development and rollout of pragmatic security guidance and standards, and ensure these are adopted department-wide, working closely with the Government Security Group in the Cabinet Office, and with other partners, to achieve this.
You will also be responsible for providing security support to MoJ colleagues, suppliers and third parties as they have security queries on any aspect of our work. A significant part of your role will be about relationships - ensuring we have effective security partnerships across the different MoJ agencies and public bodies, tailoring the provision of support to these entities to meet their bespoke and unique requirements. An important part of your work will be to increase our collective capacity for cyber security exercises and tabletop practices for different situations, and helping ensure these are used at the right point to build capability.
Related to this, you will support partnering activities with the wider sector, through groups like the Justice Working Group, ensuring that we are working effectively with entities like the GSeC, GSG and NCSC, as well as in collaboration with the CPS, AGO, and other related justice organisations. You will be the lead for Pillar 2 (Creating a Positive Security Culture) - and Pillar 8 (Securing the Justice Community) of the MoJ Cyber Security Strategy, through the security culture work you will lead on, as well as the wider sectorial support.
You will be part of the MoJ Information Security Team's senior leadership team and will be an important part of the Security and Information Group's leadership community. You will also work closely with the Government Security Group in the Cabinet Office, and the National Cyber Security Centre – helping to benefit from their expertise and sharing our team’s work with others across HMG.
All members of the team are expected to help develop the MoJ Security Function as a centre of expertise for the department and to contribute to building a brilliant and diverse team that is a welcoming place for all.
MAIN RESPONSIBILITIES
• Be a member of the MoJ’s security leadership team, setting the direction for the area as a whole and representing the entire area (beyond your local team) at corporate events, deputising for the CISO as required.
• Leading a small team of information and cyber security specialists, prioritising work, and developing and implementing a team strategy - helping to focus our resources where they will bring the biggest benefit in improving the department’s cyber security. Development and implementation of a people strategy for your team, covering team size, skills, recruitment and training. Develop and implement a plan for improving employee engagement and making the team a great place to work based on data from people surveys.
• Provide high quality operational services, such as the security single point of contact, helping colleagues across the entire MoJ get swift resolution of their security queries, and enabling learning and improvement from it.
• Lead the team in developing alternative ways to communicate their expertise - such as via policy, guidance, blogs, training etc. - to help other teams do effective security themselves, and to enable the team to focus on the highest priority tasks.
• Lead the security culture programme to improve all aspects security culture across the MoJ. This will involve overseeing the production of briefing materials for senior stakeholders up to permanent secretary, rolling out a programme of education and awareness, overseeing the production and publication of guidance and policies for all users and implementing effective ways to track and measure the success and impact of the programme.
• Engage effectively with other business areas and the MoJ’s public bodies understand their security needs, and helping them to embed effective cyber security into their work, aligned to the MoJ’s cyber security strategy.
• Provide strategic input into material that supports security governance in the MoJ and across government including overseeing responses to data requests, preparing financial bids, providing updates to governance boards up to Executive Committee and contributing to agencies’ Audit, Risk and Assurance Committees’ discussions on cyber security.
The MoJ Information Security Team sits at the heart of the Ministry of Justice. We enable good security practices through the provision of security policies, guidance and education, understand information security risks from all parts of the organisation and provide assurance to senior leaders that these risks are being effectively managed in the delivery of MoJ’s objectives.
As the Deputy CISO you will help to coordinate the Office of the CISO within the MoJ Information Security Team and will be empowered to act as the MoJ CISO when the CISO is unavailable. The Deputy CISO will provide advice and guidance on security issues for the MoJ, working with senior leaders across the department, and supporting our team as we work with different boards and committees.
One of the largest parts of your role will be in security education awareness and culture, helping to drive a positive and just security culture across the entire department. You will lead the development and rollout of pragmatic security guidance and standards, and ensure these are adopted department-wide, working closely with the Government Security Group in the Cabinet Office, and with other partners, to achieve this.
You will also be responsible for providing security support to MoJ colleagues, suppliers and third parties as they have security queries on any aspect of our work. A significant part of your role will be about relationships - ensuring we have effective security partnerships across the different MoJ agencies and public bodies, tailoring the provision of support to these entities to meet their bespoke and unique requirements. An important part of your work will be to increase our collective capacity for cyber security exercises and tabletop practices for different situations, and helping ensure these are used at the right point to build capability.
Related to this, you will support partnering activities with the wider sector, through groups like the Justice Working Group, ensuring that we are working effectively with entities like the GSeC, GSG and NCSC, as well as in collaboration with the CPS, AGO, and other related justice organisations. You will be the lead for Pillar 2 (Creating a Positive Security Culture) - and Pillar 8 (Securing the Justice Community) of the MoJ Cyber Security Strategy, through the security culture work you will lead on, as well as the wider sectorial support.
You will be part of the MoJ Information Security Team's senior leadership team and will be an important part of the Security and Information Group's leadership community. You will also work closely with the Government Security Group in the Cabinet Office, and the National Cyber Security Centre – helping to benefit from their expertise and sharing our team’s work with others across HMG.
All members of the team are expected to help develop the MoJ Security Function as a centre of expertise for the department and to contribute to building a brilliant and diverse team that is a welcoming place for all.
MAIN RESPONSIBILITIES
• Be a member of the MoJ’s security leadership team, setting the direction for the area as a whole and representing the entire area (beyond your local team) at corporate events, deputising for the CISO as required.
• Leading a small team of information and cyber security specialists, prioritising work, and developing and implementing a team strategy - helping to focus our resources where they will bring the biggest benefit in improving the department’s cyber security. Development and implementation of a people strategy for your team, covering team size, skills, recruitment and training. Develop and implement a plan for improving employee engagement and making the team a great place to work based on data from people surveys.
• Provide high quality operational services, such as the security single point of contact, helping colleagues across the entire MoJ get swift resolution of their security queries, and enabling learning and improvement from it.
• Lead the team in developing alternative ways to communicate their expertise - such as via policy, guidance, blogs, training etc. - to help other teams do effective security themselves, and to enable the team to focus on the highest priority tasks.
• Lead the security culture programme to improve all aspects security culture across the MoJ. This will involve overseeing the production of briefing materials for senior stakeholders up to permanent secretary, rolling out a programme of education and awareness, overseeing the production and publication of guidance and policies for all users and implementing effective ways to track and measure the success and impact of the programme.
• Engage effectively with other business areas and the MoJ’s public bodies understand their security needs, and helping them to embed effective cyber security into their work, aligned to the MoJ’s cyber security strategy.
• Provide strategic input into material that supports security governance in the MoJ and across government including overseeing responses to data requests, preparing financial bids, providing updates to governance boards up to Executive Committee and contributing to agencies’ Audit, Risk and Assurance Committees’ discussions on cyber security.