We are looking for a DV or NPPV3 cleared Information Security Manager with experience of Risk Management within digital technology and Government compliance experience to lead the development of an Information Security Governance and Management framework that meets the business needs of the College of Policing in the delivery of secure services via the PSN and PSN(P) networks.
Further skills and/or knowledge required:
* CISSP/CISM (Cert) or equivalent experience
* PSN assurance/accreditation of Govt networks.
* Technical infrastructure security techniques and management
* Systems security architecture
* Stakeholder and project management
* ITIL Foundation
* Government assurance/accreditation experience
* Lead the development and implementation of appropriate policies, standards and guidelines for ensuring cost-efficient security of confidential and specialist systems in line with current and emerging legislative, College, CESG and Home Office directives.
* Be accountable for Information Security Risk Management, undertaking risk management assessments and ensuring a consistent approach to Information Risk management is undertaken across the Information Security Team.
* Be accountable for ensuring assurance and/or accreditation is in place for all digital infrastructure, systems and services used or delivered by the College
* Be accountable for developing and implementing a rigorous and proactive assurance and accreditation framework identifying, highlighting and addressing shortcomings where appropriate, to demonstrate security compliance against PSNP code of connections and other external information security standards adopted within the College. Lead the Information Security team in the consistent adoption and delivery of the assurance framework identifying where external assurance is required.
* Be accountable for the development, rehearsal and maintenance of the IS Unit's Business Continuity Plan to ensure its integrity in meeting the overarching needs of the College's Business Continuity Plan and the individual Business Unit BC plans. Lead exercises to test the IS BC plan. Devise, implement and maintain a robust communication plan which confirms each member of the IS Unit understands and can carry out their role in the execution of the plan.
* Be accountable for the security incident management activities and where necessary carry out and/or commission internal and external investigations into information security and cyber security breaches and external attacks on the College's IT networks and systems, in accordance with Security Policy Framework, GovCertUK and College procedures. Prepare and review reports for the Senior Information Risk Officer (SIRO) and Head of IS and assess, agree and implement mitigating and remediation actions, including potential disciplinary action, promptly to counter further breaches and restore services securely.
* Lead on the raising of awareness of Information Security and its place in the College's overall security and risk management processes. Develop or commission awareness and training courses to ensure that Information Security is embedded in day-to-day operations across the College.
As well as the experience required above you will have the necessary qualifications, skills & experience to take control of this requirement from its inception to its completion.
If you meet the experience required above please call/mail me asap for the