Cybersecurity Principal Lead

4675953

View Saved Jobs

Save Job

Job type
Contract
Location
Birmingham
Working Pattern
Full-time
Specialism
Cyber Security
Industry
Technology & Internet Services
Pay
500.00

Share Job

Cybersecurity Principal Lead

Your new company

You will be working for a known organisation based in Birmingham 2 days a week on-site. The role is inside scope of IR35 and it's a 6-month contract.

Your new role

Job Summary

Lead and champion the development and implementation of a cyber resilience strategy and framework for the organisation, aligned with the organisation's vision, values and objectives. Manage and develop a team of cyber professionals, providing them with clear direction, guidance, support and performance management. Ensure that the organisation meets all the cybersecurity standards and requirements, such as PSN, Cyber Essentials, NCSC Cyber Assessment Framework, PCI-DSS, ISO27001 and any new standards that may arise. Monitor and report on the organisation's cyber security posture, risks, incidents and compliance, using appropriate tools and metrics. Chair the Cyber Security Board, which oversees the delivery of the cyber resilience improvement programme and cyber security strategy to ensure that the programme is aligned with the organisation's priorities, resources and governance. Manage (including establishing and monitoring) the cyber resilience budget and ensure that the organisation obtains value for money from its cyber security investments. Establish and maintain effective relationships with internal and external stakeholders, such as the Information Governance Team, the Senior Management Team, the Audit Committees, external auditors, suppliers and regulators. Provide expert advice and guidance on cyber security matters to the organisation's workforce, managers and elected members, and promote a culture of cyber awareness and best practice. Keep abreast of the latest cyber security trends, threats, technologies and solutions, and ensure that the organisation adopts and adapts to the changing cyber landscape. Respond to and manage any cyber security incidents or breaches and ensure that the organisation has a robust and tested cyber incident response plan.

Your duties and responsibilities are:

Act as the principal, accountable and strategic lead for cyber security across the organisation.

Be a full and active member of the ICT Strategic Leadership Team.

Deputise for the ICT Strategic Lead whenever necessary, including attendance at meetings, report writing and the provision of professional advice.

Manage, strategically lead, coach and influence a team of cyber security professionals to ensure cyber security and resilience is robustly developed and maintained.

Develop, manage and be accountable for the organisation's Cyber Resilience Improvement Programme.

Be fully accountable and strategically manage the compliance of all required security accreditations, including but not limited to IS027001, PSN Code of Connection, Cyber Essentials, NCSC Cyber Assessment Framework, PCI-DSS.

Strategically lead ICT’s contribution and action ownership for the NHS’s Data Security and Protection Toolkit (DSPT)

Manage the Cyber Security Programme budget and work with central government departments to seek additional grant funding as it becomes available.

Be accountable, lead and manage the development of the organisation's cyber security strategy ensuring it is fit for purpose, reviewed and communicated via relevant governance processes.

Develop and maintain all corporate cyber-related policies and strategies plus supporting Standard Operating Procedures related to cyber security, ensuring these are maintained and embedded within the organisation.

Proactively contribute to wider information governance policies from a cyber and ICT perspective.

Identify and subsequently manage all cyber security risks and ensure relevant risk treatment plans are developed and delivered.

Be the organisation's lead strategic representation and contact point for working with all necessary national, regional and local cyber groups, including NCSC, LGA, ROCU and WARPs

Engage proactively and strategically with all government and related agencies with national cyber security programmes, e.g. DLUHC and the LGA.

Manage and take lead accountability for the response to all cyber security incidents as they occur.

Be the gold lead or be a full contributing member of any Cyber Response Team established in response to a cyber incident.

Manage the contractual relationship with the organisation's managed service Security Operations Centre (SOC).

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Apply through LinkedIn

Talk to Nisha Pandoria, the specialist consultant managing this position

Located in Birmingham, 3rd Floor, One Colmore Square, Telephone 01212301455

Click here to access our Privacy Policy, which provides detailed information on how we use and protect your personal information, and your rights in relation to this.

JOBS YOU MIGHT LIKE

Technical Administrator
- Redditch
- £
  £15.00 per hour

RELATED COURSE

Build your career with the skills employers need.

Certified Ethical Hacker, Part 1 of 8: Intro to Ethical Hacking
151 minutes | Advanced
Course description
Hacking has gone from an obscure term to something that appears in the daily news. In this course we'll get started with what is hacking and understand some of the differences between "white hat" hackers and "black" or "grey" hat hackers. It will cover at a high level what are some of the essential tools a hacker needs to know about and be proficient with as well as the credentials of a hacker and what you can expect when becoming a Certified Ethical Hacker (CEH), an certification by the EC-Council.
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites
To get the most out of this course, this course assumes that you have a good working knowledge of Linux and Windows based networking environments. It also assumes that you have experience with managing a network, have worked with networking hardware such as switches & routers, are familiar with MS Active Directory (AD) Domain based authentication, know how to work with command-line utilities, and understand the basics of Web Server environments. Many of the demonstrations in this course use the Windows 7 and Kali Linux operating systems which can be downloaded free from the respective sites. All of the demonstrations are created in a virtual environment using Oracle VirtualBox and VMware vSphere 6.

Meet the expert
Rafiq Wayani
Rafiq Wayani has extensive experience including more than 20 years in IT as Systems Architect, Software Engineer, DBA, and Project Manager. Wayani has instructed in a variety of technical areas, has designed and implemented network and information systems, and is certified across a wide range of platforms and systems including Microsoft Solutions Developer, Systems Engineer, Application Developer, Database Administrator, Trainer; Novell Netware Administrator and Engineer; Master Certified Netware Engineer; and A Certified.

Video Runtime
111 Minutes
Time to complete
151 Minutes

Course Outline
Intro to Ethical Hacking
Introduction (20:27)
- Introduction (00:16)
- Certified Ethical Hacking (00:56)
- Introduction (18:59)
- Summary (00:14)
Hacker Credentials (21:40)
- Introduction (00:18)
- Credentials (09:15)
- Demo: Wizard vs. Cmd Line (06:33)
- Demo: PowerShell (05:17)
- Summary (00:15)
Hacker Credentials Part 2 (07:14)
- Introduction (00:23)
- Credentials (00:21)
- OSI Model (03:52)
- Credentials Cont. (00:28)
- Demo: Linux (01:56)
- Summary (00:10)
Being a Hacker (06:01)
- Introduction (00:22)
- What Is It Like? (01:03)
- Demo: Understand the System (03:05)
- What Is It Like? Cont. (01:19)
- Summary (00:10)
Footprinting and Reconnaisance
Terminology (14:58)
- Introduction (00:21)
- Terminology (07:24)
- Terminology Cont. (06:57)
- Summary (00:14)
Tools (11:01)
- Introduction (00:27)
- Tools (02:53)
- Demo: Basic Windows Script (02:30)
- Demo: Basic Linux Script (02:38)
- Demo: Differences (02:15)
- Summary (00:15)
Footprinting (17:42)
- Introduction (00:17)
- Footprinting & Reconnaissance (05:36)
- Active & Passive Footprinting (04:55)
- Footprinting Sources (01:14)
- Demo: Google Hacking (01:38)
- Demo: Other Online Tools (02:34)
- Footprinting Sources Cont. (01:15)
- Summary (00:10)
Footprint Tools and CM (12:43)
- Introduction (00:15)
- Types of Information Gathered (06:36)
- Methods Available (02:13)
- Mitigate Footprinting (03:26)
- Summary (00:11)
Introduction to security in Microsoft 365
39 minutes | Beginner
Learn about the different Microsoft solutions for managing security in your organization. Microsoft 365 provides a holistic approach to security, helping you to protect identities, data, applications, and devices across on-premises, cloud, and mobile.

Cybersecurity Principal Lead

Apply for this job

JOBS YOU MIGHT LIKE

Technical Administrator

RELATED COURSE

Build your career with the skills employers need.

Certified Ethical Hacker, Part 1 of 8: Intro to Ethical Hacking

Introduction to security in Microsoft 365