**Company Name:** Islington Council
**Job Title:** Head of Cyber Security
**Role Summary:**
Strategic leader responsible for defining and executing the cyber security strategy of a public sector organization. Acts as the senior authority on cyber risk, advising senior leadership, ensuring compliance with national standards, and fostering a security‑first culture across the organization.
**Expectations:**
- Develop and maintain a robust, future‑ready cyber security framework.
- Provide clear, actionable advice on emerging threats to senior executives.
- Lead and mentor a multidisciplinary cyber security team.
- Ensure governance, policy enforcement, and regulatory compliance.
- Respond swiftly and effectively to security incidents.
- Promote security awareness throughout the organization.
**Key Responsibilities:**
1. Create, implement, and continuously improve the organization’s cyber security strategy and roadmap.
2. Advise senior leadership on risk exposure, mitigation options, and emerging cyber trends.
3. Establish and enforce security policies, standards, and procedures aligned with national guidelines.
4. Oversee governance, compliance, and audit activities (e.g., ISO 27001, NIST, UK NCSC).
5. Direct incident response, investigations, and post‑incident reviews.
6. Manage and develop the cyber security team, including recruitment, performance, and professional growth.
7. Collaborate with IT, digital services, and business units to embed security into projects and operations.
8. Drive organization‑wide security awareness and training programs.
9. Report on security posture, metrics, and key performance indicators to the executive board.
**Required Skills:**
- Proven senior‑level experience (8+ years) in cyber security within large, complex environments.
- Strong strategic planning and risk management capabilities.
- Excellent communication skills; ability to translate technical concepts for non‑technical stakeholders.
- Leadership experience managing multidisciplinary security teams.
- Deep knowledge of threat landscape, vulnerability management, security architecture, and incident response.
- Familiarity with UK public sector cyber security standards and regulatory requirements.
- Ability to influence and drive cultural change toward security awareness.
- Strong analytical and decision‑making skills under pressure.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, or a related field (required).
- Relevant professional certifications (e.g., CISSP, CISM, CISA, CRISC, GCHQ Certified Cyber Security Professional) – at least one preferred.
- Advanced degree (MBA, MSc in Cyber Security) or equivalent experience is a plus.
- Eligibility to undergo Basic DBS and BPSS security checks.