Cyber Security Project Lead (Infected Blood Compensation Authority)
| Posting date: | 12 August 2025 |
|---|---|
| Salary: | £57,204 to £63,953 per year |
| Additional salary information: | Important information about pay - it is expected that from 1 October 2025 the pay for this role will be £58,655. In addition, once the role holder has completed their probationary period (usually 6 months) they will become eligible to receive a pay premiu |
| Hours: | Full time |
| Closing date: | 25 August 2025 |
| Location: | Newcastle-upon-Tyne |
| Company: | Government Recruitment Service |
| Job type: | Permanent |
| Job reference: | 421609/1 |
Summary
This role will be accountable for the implementation and management of various security projects that will help to improve the security posture of organisational and operational components needed to provide the IBCA compensation service.
The role will work alongside the Head of Cyber and Information Security to manage the various complex security projects that are currently underway to further improve the security posture of the IBCA estate. The successful individual will be capable of working independently at pace to manage projects, stakeholders, and ensure progress is made under challenging conditions.
Working at IBCA gives you a huge opportunity to make an impact on those who deserve compensation. This role suits a highly adaptable and resilient project manager with security experience who excels at communication, empowers diverse teams, strategically navigates complexity, and proactively solves problems to drive continuous security improvement.
Opportunities to move to the new Infected Blood Compensation Authority (IBCA)
At the moment all IBCA roles are hosted by Cabinet Office within the Civil Service. However, once IBCA becomes operational, it is anticipated that most of these roles will transfer to IBCA, which is a new Arms Length Body (ALB) separate from the Cabinet Office. Roles that transfer to IBCA from Cabinet Office will maintain the same or substantially the same terms and conditions of employment that are overall no less favourable. It is anticipated that employees who move from Cabinet Office to IBCA will be able to continue to participate in the Civil Service Pension arrangements with no break in their pensionable service. Roles commencing after IBCA has become operational will be with IBCA itself on similar terms and conditions. All successful candidates will receive full details of the terms and conditions of employment for their role with their formal job offer.
Please note that the mission of IBCA means that it is likely to be operational for a period of approximately 5 to 7 years. When IBCA’s work begins to wind down, IBCA employees will receive support and practical guidance to find a new role, whether in the Civil Service, another Arms Length Body (ALB), or an external employer.
The Cyber Security Project Lead is responsible for leading and managing the successful delivery of cybersecurity projects across the organization. This role ensures that all initiatives related to information security, risk management, and regulatory compliance are strategically aligned with business goals and executed effectively.
The Cyber Security Project Lead works closely with technical teams, business stakeholders, and external vendors to plan, coordinate, and oversee a wide range of cybersecurity initiatives—including system upgrades, security tool implementations, incident response improvements, and compliance audits. They ensure that projects are delivered on time, within scope, and within budget, while maintaining the highest standards of security and data protection.
Key responsibilities include defining project objectives and requirements, developing detailed project plans, managing risks and dependencies, and ensuring that all deliverables meet security standards and industry best practices. This role also involves tracking progress, preparing status reports for senior management, and adapting project plans in response to changing priorities or threats.
The ideal candidate will have a strong background in project management, excellent leadership and communication skills, and a working understanding of the principles of cyber security. They must be able to translate complex technical concepts into actionable plans and effectively drive cross-functional collaboration.
Main Responsibilities
- Project Leadership: Lead, manage, and ensure the successful delivery of security-focused projects related to the compensation scheme. Develop and maintain a delivery plan of all ongoing and future security projects. Projects may involve introduction of new technology, secure data systems, privacy measures, and protection of personal data.
- Stakeholder Engagement: Collaborate with internal teams (e.g. IT, legal, and claims management), external vendors, and government stakeholders to ensure all security initiatives meet the necessary requirements and align with IBCA’s objectives.
- Security Risk Management: Identify, assess, and mitigate security risks related to the compensation process, including handling of sensitive claimant data, ensuring compliance with data protection laws (e.g., GDPR), and managing digital security threats.
- Compliance and Regulatory Oversight: Ensure that all security practices, policies, and systems are fully compliant with relevant regulations, including the Data Protection Act, GDPR, and UK government security standards such as CAF and Secure by Design.
- Cybersecurity Management: Oversee the security of the IT systems and infrastructure used to manage compensation claims, ensuring the implementation of best practices in cybersecurity. Work with IT teams to safeguard against data breaches, hacking attempts, and insider threats.
- Vendor and Contractor Management: Manage external vendors and contractors involved in security projects, ensuring that they meet contractual security standards and comply with all data protection regulations.
- Documentation and Reporting: Maintain accurate and comprehensive project documentation, including risk assessments, incident reports, security protocols, and post-project reviews. Provide regular status updates to senior leadership.
- Incident Response: In the event of a security breach or data incident, lead the response efforts, including investigating the breach, implementing remedial actions, and liaising with the Information Commissioner’s Office (ICO) and other regulatory bodies.
- Training and Awareness: Develop and deliver security training programs for IBCA staff, ensuring awareness of data protection policies, cybersecurity practices, and security best practices.
- Foster a positive and inclusive team environment that promotes wellbeing, collaboration, and a supportive culture aligned with departmental values
Proud member of the Disability Confident employer scheme