Senior Isp It Security

Senior Isp It Security needed in Bradford, £503.72 per day  PAYE - Reference: 5279414

Senior ISP IT Security Role – Key Responsibilities and Activities

• Strategic Planning and Governance
• Develop, review, and maintain the IT Security Strategy in line with organisational goals and regulatory obligations.
• Lead the creation and enforcement of cybersecurity governance frameworks.
• Align security objectives with enterprise architecture and digital strategy.
• Participate in board-level or senior management discussions around cyber risk.
• Identify and manage strategic security risks (technical, legal, reputational, financial).
• Evaluate and advise on emerging technologies (e.g. AI, RPA, cloud, hybrid infrastructure) from a security perspective.

Policy, Procedure, and Guidance Oversight

• Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.).
• Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR.
• Develop and communicate clear roles and responsibilities for information security across departments.
• Support Information Governance and Data Protection with policy harmonisation and compliance efforts.

Technical Review and Oversight

• Undertake technical reviews of:
• New and existing systems, applications, and infrastructure.
• Cloud service configurations (IaaS, SaaS, PaaS).
• Network architecture, including firewalls, VPNs, and segmentation.
• Identity and Access Management (IAM) implementations, including PIM/PAM.
• Security configurations in Microsoft 365, Azure, Active Directory, etc.
• Conduct or oversee vulnerability assessments, penetration tests, and threat modelling.
• Review and approve technical designs and solution architectures from a security standpoint.

Assurance, Compliance, and Audit

• Develop and maintain the IT Security Assurance Framework.
• Lead or coordinate internal/external audits and security assessments.
• Track and report on compliance with standards and regulatory requirements.
• Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001).
• Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools.

Performance Monitoring and Reporting

• Define and monitor key security performance indicators (KPIs).
• Produce regular security reports for senior management and boards.
• Track risk registers, exceptions, and remediation actions related to security.

Stakeholder Engagement and Leadership

• Act as the senior security point of contact for internal and external stakeholders.
• Provide advice and consultancy to IT projects, business units, and leadership teams.
• Influence and guide project governance to embed security early in the lifecycle.
• Represent the organisation at regional and national forums (e.g., WARP, NCSC, iNetwork).

Training, Awareness, and Culture

• Lead and support cybersecurity awareness and training campaigns.
• Build a security-conscious culture across the organisation.
• Work with HR and Learning & Development to embed cyber hygiene into inductions and role-based training.

Incident Management and Business Continuity

• Develop and review the Disaster Recovery and Business Continuity Plans for IT Services and support the Disaster Recovery and Business Continuity for the services areas.
• Oversee and periodically test the incident response and disaster recovery plans.
• Provide strategic direction and escalation oversight during major incidents.
• Conduct post-incident reviews and feed findings into policy, technical, and training improvements.

Continuous Improvement and Innovation

• Keep abreast of emerging threats, vulnerabilities, and industry best practices.
• Champion innovation in security practices, tools, and automation (e.g., SOAR, XDR).
• Evaluate and recommend security products and services.
• Lead or contribute to security maturity assessments and roadmaps.

This is a Full time role on a temporary contract basis.

If you are interested in the role please apply on our website with your CV, alternatively you can email your CV to  quoting the reference number.

Essential Employment is acting as an Employment Business in relation to this vacancy. Essential Employment is an Equal Opportunities Employer.

All our roles may be subject to pre-employment checks including references so please be prepared.

Due to high volumes of CVs received we are not able to respond to all unsuccessful applications. You will always however hear from us by phone if we are able to take your CV forward to the next stage.

You can also follow us at Twitter/Facebook/LinkedIn or via our website www.essentialemploy.co.uk.