Senior Cyber Security and Information Security Officer

This job has now expired please search on the home page to find live IT Jobs.

As a Senior Cyber Security and Information Security Officer at HS2, you will be accountable for the delivery of all corporate information assurance support across HS2 Ltd. You will be responsible for assuring the correct security standards are applied by Tier 1 contractors during construction into operation and that assurance and oversight of this is maintained. A key element of this role is working with Information Asset Owners to determine acceptable levels of risk, awareness of continuously evolving cyber security and data protection standards, audit and certification programs. In addition, assist in the growth of the business and its ability to align information and cyber security with HS2s information and technology roadmap to drive security into business processes and operations.

Note: The cyber security standards, assessment and design of HS2s railway operational technology (signalling, SCADA systems, railway access control and video surveillance etc.) will be managed by the infrastructure directorate and is not a direct accountability.

About the role:

HS2 lead for Information security delivery across all HS2 sites, locations, staff and across the supply chain

Deliver specialised information and cyber security assurance services to the whole of HS2 Ltd's corporate functions with appropriate due diligence of projects and contracts, and if required change requests

Accountable for assuring the outcomes of the HS2 Information and Cyber Security Strategy and Policy are delivered in line with the HS2 Security Strategy and coordinated with other security functions

Responsible for delivering governance and assurance of Information and Cyber Security across HS2 Ltd's corporate functions, and with IT of our supply chain, to ensure compliance with government policy, legislation and contractual requirements

Continuously assess strategic information and cyber security threats and work with relevant stakeholders to ensure adequate controls are in place

Deliver Information and Cyber Security training as follows: to all staff annually ensure awareness of relevant policies and procedures, to Information Assets Owners so they are familiar with their role and responsibilities relating to information risk, and as required and deconflicted with IT to individuals and teams so that HS2 is able to rapidly respond to information incidents in line with the information breach management process and the HS2 Incident Management Plan

Manage internal and external cyber security audit and assurance activities and assist in the achievement of best industry standards

Management of information and cyber security risk ensuring that appropriate controls are in place to ensure risk remains within our appetite and that information in HS2 is held securely and legally

Lead HS2's strategic interactions with the DfT Information Security Unit, National Cyber Security Centre (NCSC), the Centre for Protection of National Infrastructure (CPNI) and other dependent Government agencies for all HS2 related corporate information and cyber security related activities

Actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work and support and comply with all organisational initiatives, policies and procedures on EDI.

 About You:

Current certification to CISM, CISSP, or other information security qualification of similar standing

Knowledge of HMG's Security Policy Framework and governance of information assurance within the UK public sector

Knowledge of Information and cyber security risk management

Experience as an information & cyber security lead for a large, complex organisation within the UK

Experience of developing and implementing IT security strategies, objectives and plans minimising disruption to the business

Experience of building relationships with key internal and external stakeholders and senior colleagues

The post-holder is expected to behave at all times in a manner consistent with the HS2 values of Safety, Leadership, Integrity and Respect.

It is expected that you will actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work and support and comply with all organisational initiatives, policies and procedures on EDI.

We ask for a variety of detail in your online application, however we perform the first assessment of suitability for a role based solely on the information in your CV. Please attach an updated word version of your CV for each new application and include evidence directly related to the criteria in the job advert.

About Us

High Speed 2 (HS2 Ltd) will be the UK's new high speed rail network. As well as improving capacity, the new scheme will shorten journey times between a number of Britain's major population centres, boost the economy and create thousands of jobs.

HS2 Ltd will create a skills legacy and develop a diverse range of talent. We aim to be a leader in EDI practice by creating a safe & inclusive working environment for all our staff - living our values of Safety, Respect, Integrity and Leadership.

HS2 Ltd is also a safety-critical organisation. Employees are required to ensure reasonable care of their own and others' health and safety by taking personal responsibility for working to our ‘Safe at Heart' programme principles and following safe working procedures at all times.

We operate broad pay scales for all our roles to enable us to fulfil our commitments to inclusivity and career development. Final package is dependent on individual knowledge, skills and experience. In addition, we offer a range of competitive benefits - check them out in the Benefits section on our website.

HS2 Ltd endeavours to ensure everyone working for us and with us feels included, thrives and achieves their full potential. In practice, this means we are positive and inclusive about making adjustments, providing flexible working, encouraging our staff networks to flourish and providing personal and professional development opportunities.

Closing date: 16 May 2022.