Chief Information Security Officer
Government of The United Kingdom, Newleaze, South Gloucestershire
- Full time
- Permanent
- Remote working
Posted today, 21 Dec
Closing date: not specified
Job ref: 54e590f29a21484db11c72358c1b9692
Full Job Description
ion to the Defence Business Services (DBS) Management Board, anticipate challenges, drive performance and build the capability required to ensure the security of new and existing services.
You'll identify and evaluate cyber security risks to information, systems and processes owned by the DBS Security Risk Owners and assist with the management of top-level security risks, on behalf of the DBS CEO, advising on the balance between business needs and security requirements, taking account of affordability.
Responsibilities include but are not limited to:
- Act as the primary DBS point of contact on Cyber Security issues with key stakeholders, including Defence Digital Cyber Defence and Risk (DD CyDR), Joint Defensive Cyber Unit (JDCU) and external parties; actively develop strong working relationships in relation to Cyber Security.
- Ensure that Cyber Security controls remain appropriate and proportionate to the assessed risks, by embedding Secure by Design, ensuring our capabilities are protected from the outset. Be responsive and adaptable to the changing threat environment, business requirements and Defence and central government policies, designed to be resilient against cyber-attacks.
- Champion learning, development and assurance, cultivating talent, fostering an inclusive, diverse and motivated workforce and providing assurance that individuals undertaking cyber security roles are suitably qualified and experienced personnel (SQEP), building a whole organisation security mindset.
- Ensure governance, compliance and risk management frameworks are in place with underpinning processes and that the DBS risk management approach provides good governance, achieves compliance and ensures that risk mitigation plans and funding are in place to continue driving cyber security forward.
- Maintain a clear view of critical and high-risk DBS systems and ensure that systems not centrally managed by Defence Digital have the security controls required by policy.
- Report on cyber security controls on the Annual Assurance Return and support the self-assessment cyber compliance framework, continuing to enhance our maturity.
- Enhance the DBS cyber security and information governance culture, providing assurance that all personnel in DBS are provided with adequate and timely cyber security, threat briefs and information governance training, embedding cyber resilience and secure handling of information assets.
- Ensure our integrated cyber defences cover our critical functions, providing the ability to detect and respond to cyber-attack and ensuring all cyber security incidents and breaches are managed and reported promptly to the Cyber Security Operations Capability (CSOC) and are investigated appropriately to ensure that risk is mitigated and lessons learnt.
- Line management of several direct reports within the team. Resource management across the team, ensuring that the relevant workload is delivered as agreed.