Head of Information Assurance, Governance, Risk & Compliance

Premium Job From AWE

Listed on 7th March

£58,640 - £85,000

This job has now expired. Please search on the home page to find live IT jobs.

Information Services and Security have a vital role to play in a crucial national mission. We're here to enable the organisation to deliver through the use of technology. As AWE transforms itself to meet the needs of the UK's next-generation nuclear deterrent, we need to adapt to deliver data-driven decision making, flexible and future-proofed IT services, adaptable cyber security, support to a multi-billion-pound building programme, and much more.

The scale might be daunting to some, but you'll find it stimulating. We've got a long journey that we've only just started, and we're looking for motivated people who can take us in the right direction. Your role will contribute directly to that shared mission. We won't deceive you: in some areas we're starting from a low base, but within ten years this organisation will look very different, and you can help make that happen. This is a role where you'll contribute to a legacy of national security for decades to come. So come and join us.

We are recruiting for a Head of Information Assurance, Governance, Risk & Compliance to manage all areas of Information Assurance activity and policy across AWE. The role manages appropriate and adequate levels of Cyber Defence, assists the CISO in ensuring that AWE manages Technical Information Risk within the boundaries set by the risk appetite, and provides expert advice on Technical Information Security to senior leaders, managers, and staff.

Location - Reading area

Salary - £58,640 - £85,000 per annum

AWE (one of the best 25 big companies to work for in the UK) offers an attractive array of benefits which include:

  • Market leading contributory pension scheme
  • Generous holiday entitlement (270 hours a year including bank holidays, plus every other Friday off)
  • Flexible working hours
  • Salary sacrifice scheme
  • Consideration for either full time or part time hours. Just let us know on your application if you wish to work part time
  • Relocation package available (terms and conditions apply)

Key Accountabilities:

  • Manage the provision and maintenance of Information Assurance Services.
  • Manage and ensure that appropriate Information Security principles, policies and resources are in place to protect information.
  • Manage the Information Assurance Awareness and training regime at AWE.
  • Ensure that AWE Information Assurance staff are appropriately skilled with development plans as necessary.
  • Enable the performance and results of the team. Make sure that team members have the capabilities to get the work done now and in the future.
  • Engage and inspire colleagues, promoting a diverse and inclusive environment that encourages them to seek opportunities for continuous improvement and personal development.
  • Maintain and promote high personal standards in environment, safety, health, security and quality, and be a great team player.

Key Responsibilities:

  • Management of continual assurance (Secure By Design) processes when applied to AWE systems.
  • Provide oversight of Technical Information Risk across AWE, including those systems and risks that lie outside IS.
  • Advise executive and senior management on the response to HMG policy, international standards and accepted good practice in Information Security.
  • Provide SME input for Information Security on the development of policies and systems.
  • Assist in the engagement with HMG and national bodies and international partners to strengthen AWE Cyber defences through collaboration.
  • Build and lead a team of professional Information Assurance personnel of both AWE staff and contractors.
  • Establish and meet relevant skills frameworks for information assurance staff.
  • Manage Information Assurance activities as delegated by CISO.
  • The Company may require you to fulfil any other reasonable duties aligned to your position from time to time in line with business needs.

Although this is not to be considered a checklist, we would like the successful candidate to be able to demonstrate:

  • Experience delivering assurance services in a changing environment, at pace and with competing priorities.
  • Proficiency performing risk, impact, and vulnerability assessments, and defining mitigation strategies.
  • Experience working in a Government/Defence/Highly regulated/Highly sensitive environment.
  • Experience developing staff to keep pace with emerging technologies and assurance techniques.
  • Project management skills, including budgeting and resource management.
  • Experience of applying industry standards such as ISO27001, NIST 800-53, NCSC Cyber Assurance Framework (CAF), IEC 62443.
  • Understanding of Continual Assurance (Secure by Design) principles, and their application to new and legacy IT systems and services.

All candidates must be willing and able to obtain and maintain the necessary security clearance for the role.
