The following job is no longer available:
DIO - Information Cyber Security & Assurance Manager

DIO - Information Cyber Security & Assurance Manager

Posted 25 June by DIO
Job description

The Challenge

DIO have an exciting opportunity to suit someone with demonstrable experience in Cyber security, Information Assurance and IT who possesses strong Cyber Security, Information Assurance, technical, analytical, communications, planning, analytical experience and skills. This post plays an essential role to support the Head of Cyber Security and Information Assurance to ensure best practice is maintained across DIO and it’s Industry Partners. Proven leadership skills and the ability to communicate effectively and motivate people to achieve stretching goals in an evolving organisation is essential and collaboration skills to interact with a range of stakeholders including senior leaders across DIO and the wider Department and it’s Industry Partners. Services include Information Cyber Security and Assurance advice and guidance, DIO accreditation services, DIO WARP, ITSO and Crypto services and Assistant Data Protection Advisor.

About CIO
DIO's Chief Information Office (CIO) focuses on and is accountable for delivering technology solutions through the Customer, Portfolio Management Office (PMO) and Development, Security and Operations (DEV, SEC, OPS) functions. Each of these functions collaborates to build and lead on the delivery of organisational objectives in alignment with DIO's technology strategy. CIO enables DIO and its staff to deliver outputs and obligations effectively by providing the right technology and operational support for DIO users, its functions, industry partners and other Top Level Budgets (TLBs). Working together with our customers, through the implementation of technology, CIO can shape and transform the way DIO manages estates. Developing capabilities that provide improved, modernised and collaborative technology, which enhances the way in which DIO operates providing overall business efficiencies. CIO supports the business by embedding and executing sound agile and technology and delivery methodologies and technologies.

DIO Information Cyber Security & Information Assurance Team are based across the UK including Sutton Coldfield. We offer a flexible base location for this role and will therefore make one of these locations your duty station where possible. Where this is not possible, we will look to assign an alternative MOD establishment as your duty station.

Work location will be agreed once the successful candidate has been selected.

ResponsibilitiesMain Responsibilities

The role is a diverse and challenging one that includes:

• Manages DIO Information Cyber Security and Advisory services including DIO TLB Accreditation Services.
• Provides constructive and impartial subject matter expert advice and guidance on all Information Cyber Security and Assurance queries to DIO stakeholders including Industry Partners.
• Acts as an impartial assessor of the risks that an information system may be exposed to in the course of meeting a business requirement and formally accredits that system on behalf of the DIO TLB or act as Security Assurance Coordinator (SAC) for CyDR accredited systems.
• Provides input into the development of the Information Cyber Security and Assurance Programme and conducts assurance checks and audits in line with the agreed programme.
• Maintains DIO Cyber Resilience documentation and conducts exercises against DIO Business Area’s Cyber Resilience Response Plans as part of an overarching Cyber Resilience programme.
• Provides ISO27001 advice and guidance and audit function.
• Manages the WARP function including supporting complex investigations and JSyCC engagement for DIO TLB.
• Crypto Custodian for DIO TLB and management of supporting Assistant Crypto Custodians to ensure adequate cover across the DIO estate.
• Accountable for the Information Technology Security Officer (ITSO) duties for DIO TLB including regional ITSOs across the DIO estate.
• Acts as Subject Matter Expert for IT Security, breach, ITSO and Crypto queries for DIO TLB and its Industry Partners.
• Manages the Information Cyber Security & Assurance education and awareness programmes to target areas of non-compliance and embed security as a BAU activity within DIO.
• Accountability for all ITSO audits and muster programmes for DIO.
• Assistant Data Protection Advisor supporting the Warning Advisory Reporting Point (WARP) and MOD Data Protection Officer in investigating data breaches.
• Advises and assist Information Asset Owners (IAOs) and project teams throughout the Data Protection Impact Assessment (DPIA) process and supports the DIO DPA with Subject Access Requests (SARs) and liaison with Freedom of Information (FOI) Team.
• Assists with the DIO Cyber Communication Plan ensuring key messages are developed and issued using the most appropriate media.
• Coordinates production of ITSO, WARP and Accreditation reports, statistics and updates for DIO stakeholders and MOD Centre.
• Communicates with senior stakeholders to present Information Cyber Security & Assurance findings that will support the continuous improvement of InfoCySec &IA in DIO.
• Tasks the DIO ITSO / WARP incumbent on a daily basis.

Desirable Experience & Skills
• Qualification - Degree in the Information Cyber Security & Assurance discipline.
• Membership - Professional Membership in Information Security and Cyber (eg: Institute of Information Security Professionals (IISP), NCSC Certified Professional (CCP), ISACA CISM or ISC2 CIISP.
• Experience - MOD, Industry or OGD Accreditor and / or Security Assurance Coordinator (SAC) experience.
• Experience - ISO 27001 or ISO 9001 auditor experience.
• Experience - Data Protection Act (DPA18) experience including Subject Access Requests (SARS) and DPIAs.
• Experience - Defence Information Technology Security Officer (DITSO) experience.
• Experience - MOD, Industry or OGD Crypto Custodian experience.

Reference: 43159746

Bank or payment details should never be provided when applying for a job. For information on how to stay safe in your job search, visit SAFERjobs.

Report this job