Cyber Security Manager

Job Title: Cyber Security Manager

Location: Flexible Hybrid Working - Around 2 days in the office at NNC

Rate of Pay: £400 per day Umbrella OR £ PAYE £311.12 per day PAYE

Working Hours: Full time - 37 hours per week

Type: Temporary role - Inside IR35 - Up to 9 months

Opus People Solutions are working with North Northamptonshire Council to recruit for a Cyber Security Manager.

North Northamptonshire Council is going through a period of large-scale strategy and transformation to bring together our estates as well as create world leading services for our citizens. We have an ambition to create brilliant and modernised services; to use modern platforms and infrastructure; and to make the best out of our investments in our technology and teams. This is a vital role in that journey, responsible for ensuring that we design and implement security right from the beginning of our journey, mitigating and managing technical risks to data and the organisation.

This role is responsible to the Chief Information Officer of North Northants Council for:

• Providing expert advice on the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.
• Provide leadership in shaping and delivering our cyber security strategy, the design of our products and services, baking security into our standards and practice. This should be achieved alongside an expert balance in the management of information governance and controls to support the organisation's ambition to be digitally flexible.
• Convey the value of security across the council, working with stakeholders at all levels to ensure that security is embedded and part of the organisation's ethos.
• Ensure the organisation adheres to legal and best practice standards for security and leads on technical audits for the Council.
• Supporting our digital approach and outcomes to impact residents and businesses through organisational strategy.

Role Responsibilities

• Direct responsibility for the leadership and development of enterprise-wide security architecture and processes which ensure that the strategic application of security is embedded in the organisation.
• Working closely with our DPO and information governance teams to shape our security stance on technology and information management.
• Working closely with colleagues in West Northamptonshire Council and partners to deliver our digital vision and roadmap.
• Reviewing our infrastructure and technology to analyse and assess vulnerabilities, in order to build and execute plans to mitigate these.
• Regularly monitoring and reviewing our cyber stance, in order to update our strategy in line with our organisational ambitions.
• Engage with senior and relevant stakeholders across the organisation to ensure that adequate measures are in place to support the integrity of the estate and data.
• Increasing security awareness within the organisation and developing approaches to support this.
• Maintaining up-to-date knowledge of emerging security trends and developments in areas of interest to the organisation and utilising new approaches to develop our strategy and align.
• Analyse results of investigations into complex or highly sensitive security violations or breaches and determine any modifications to standards and their implementation.
• Review supply chain assessments, new business proposals and planned technical changes and provide specialist guidance on security issues and implications.
• Enabling the organisation in the compliance of areas such as GDPR, PCI, PSN and working towards standards such as ISO27001.
• Developing and coaching the information security team and working closely with the Technology, Digital and Data management team.
• Ensuring the organisation is focused with adequate levels of patching, firewall configuration reviews and SIEM alerting.
• Hold our partners/suppliers to account for spend, performance and behaviour, including diversity within their teams.
• Maintain and input to the risk register in the technology service, documenting details of any or all risks and their progress to remediation or mitigation.
• Manage staff performance appropriately by providing constructive feedback and take action where performance falls below the expected standard.
• Participate/ work with external groups and stakeholders for the organisation such as NCSC, EMGWARP, auditors and accreditors as required.

Person Specification

Technical knowledge and experience

• Expert knowledge and understanding of security and system architectures; the relevant technologies, tools and platforms, best modern practice; industry trends and risks
• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certified.
• A good working knowledge of information security including ISO/ IEC 27001 Information Security Management Standard and Cyber essentials.
• A deep applied knowledge of agile ways of working
• Experience of working across multiple channels (some or all of digital content, digital tools, assisted digital, webchat, phone, face to face).
• Understanding of, and practical experience of applying GDPR, the Freedom of Information Act and other related legislation, standards and codes of practice.
• Knowledge of infrastructure concepts, protocols and standards, including Active Directory, group policies, various hosting options, SSL, SAN, business continuity and disaster recovery.
• High level of management, development and interpersonal skills.
• Expert in understanding the business environment of the organisation and closely associated organisations and the organisation's technical platforms.
• Expert in understanding the functional structure of businesses and other organisations; their mission, objectives, strategies and critical success factors. experience with managing technology suppliers and partner experience of developing services that takes account of the needs of diverse users.

Skills and Abilities

Ability to lead/action the organisation's cyber strategy and team.

• Ability to lead during times of great change.
• Ability to develop and get agreement for a strategy.
• Ability to flex delivery approaches depending on context.
• Passionate about building diverse teams and communities.
• A strong influencer, with the ability to persuade and negotiate with stakeholders of all levels, including CEO, directors and elected members, including communicating methodologies and projects to a diverse, non-expert audience, and leading on the team's remits, priorities and budget.
• Strong people management skills, with the ability to create a positive working environment in which equality and diversity are embedded in every aspect of the team's work and output, dignity at work is upheld and staff are empowered and motivated to achieve good outcomes.
• Shows the ability to delegate effectively, empowering others.

For more information or to process your application for this role, please apply online now.