Information Assurance Manager Ref. 385
HMGCC has a unique and exciting opportunity for an Information Assurance Manager to join our Service Operations Centre (SOC) team.
The SOC Information Assurance Manager is a key member of the SOC Leadership Team and therein will shape the future of the SOC. You will lead SOC engagement with an existing change programme to develop information assurance ways of working across a number of Government Departments, ensuring our partners assets are protected and assured into the future. A key part of this role is leading a team of passionate, talented and dedicated staff.
You will have responsibility for Information Security Management, setting and agreeing strategy and policy to ensure stakeholders have confidence that Information Assurance risk is being managed pragmatically, appropriately and in a cost effective manner. You will also be responsible for the management of, and provision of advice on, the selection, design, justification, implementation and operation of information security controls and mechanisms to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.
We would need you to already have:
- An aptitude for excellent people management and leadership of a team through change
- An open-minded and forward thinking approach to information assurance and security
- Previous experience in a related role (e.g. in Information Assurance or as a Security Team Leader)
- The willingness to learn and flexibility to work across a diverse set of requirements
- Demonstrable experience of building successful relationships and desire to build an active stakeholder network and effective communication skills
- The willingness to travel to Other Government Department and Supplier sites as required
To strengthen your application it would be desirable if you have:
- Experience of working with third parties on assurance programmes
- Experience of working with security systems and understanding of techniques to increase security awareness
- Experience of developing security policies, controls and standards (or equivalent on other professional areas)
- Awareness of GDPR and of the ITIL Framework
- Professional membership/accreditation through a relevant body (e.g. CISM, CISA, CRISC, CEH) and willingness to work toward CISSP
To work as an Information Assurance Manger you will be the type of person who:
- Communicates a clear vision and direction; delegates responsibility and decision making to the right level, balances challenge with support and knows when to intervene; secures resources for the team and represents the team's interest to the wider organisation
- Understands broader government strategy and priorities and shares understanding with the team; assists others to recognise risks and ensures effective risk management is used well by others; takes decisions and supports others with their decision making in situations of ambiguity and uncertainty
- Secures resources and continually strives to identify and meet resource requirements for the future; takes responsibility for compliance with procedures and legal requirements; identifies ways to enhance the productivity of teams and supports and challenges others to find better ways of doing things; achieves results through others
- Carefully plans and delivers communication to support and enable change; negotiates and delivers an agreed outcome under pressure and/or in difficult circumstances; operates with an acute understanding of political sensitivities and realities; takes responsibility for conveying difficult messages
- Promotes a culture of team working, leading by example and encouraging and recognising teamwork; builds effective teams and encourages team identity and commitment; supports others in building collaborative relationships; participates in corporate work and cross-organisational project teams; promotes a sense of community through communications and activities
- Ensures that long and short term customer needs drive plans; works with customers to adopt a creative approach to exploit opportunities; builds and sustains relationships with key individuals in the customer group; identifies and resolves conflicts between customers' priorities; builds and sustain relationships with the highest priority customers and stakeholders
- Looks for ways of removing barriers to change; provides people with a vision and the support to achieve change; promotes and enables a culture of learning and development; creates a flexible environment that enables people to respond effectively to changing demands; acts as a coach and/or mentor to others
Putting Your Skills To Use
Using your expertise as part of our team you will:
- Provide mentoring and team support within the organisation, specialising in personnel, physical and information security
- Represent the organisation at external meetings where security matters require representation (covering both technical and policy issues), maintaining relationships with applicable external parties
- Ensure national security policy is correctly selected and presented in organisational activities
- Where necessary provide information security advice and guidance on policy and operational requirements
- Ensure sufficient security processes or requirements exist across the organisation and are implemented, maintained, measured and improved allowing us to achieve and maintain accreditation
- Ensure Information Assurance Risks are assessed in relation to organisational products and services
- Ensure compliance requirements to national security policy and standards are assessed in contextual terms of the organisation
- Set, agree and deliver security and audit strategy for the organisation
- Obtain and manage the resources necessary for delivery of organisational security and audit liabilities and commitments
You will play an integral part in ensuring that our Government's communication systems in the UK and around the globe are reliable and totally secure. In return we will offer you a positive and creative environment to work in and give you all of the tools and training to develop and be the best that you can be.
To find out more about HMGCC and how we are truly individual both as an organisation and an employer visit 'about us'.
*If you are relocating to the area then we can discuss the possibility of a relocation package.
Please note dependent on the recruitment requirements, we withhold the right to bring forward the closing date for this role from the original closing date.