Cyber Security Lead Ref : 1930
School/department: IT Services
Hours: full time or part time hours considered up to a maximum of 1 FTE. Requests for flexible working options will be considered (subject to business need).
Salary: starting at £41,526 to £49,553 per annum
Placed on: 21 August 2019
Closing date: 30 September 2019. Applications must be received by midnight of the closing date.
Expected interview date: September / October
Expected start date: As soon as possible
This is an exciting time to join the University of Sussex, supporting us on a new journey of digital transformation. As a Cyber Security Lead you will be playing a crucial role in driving the implementation of new standards of excellence in cyber security.
You will be responsible for:
- Acting as a champion for cyber security across the University, looking to drive improvements in all aspects of IT security including policies, operational processes, cloud security and ensuring a secure future architecture
- Ensuring that threats to University systems and data are identified and monitored with appropriate plans for remediation
- Leading the programme to achieve Cyber Essentials Plus accreditation initially and ISO27001 or other standards accreditation in the future
- Coordinating strategic and operational cyber security efforts across the University
- Work with the IT Leadership team to define, plan and lead a rolling programme of cyber security improvement activities
- Manage the daily activities of the Cyber Security and Compliance Analyst to ensure monitoring, threats and incidents are prioritised and acted upon
- Regularly review security incidents and update continuous improvement plans to ensure security measures are the best they can be
- Lead and plan the activities necessary to achieve and maintain Cyber Essentials Plus certification
- Be responsible for the definition and maintenance of the cyber security policy framework and associated policy lifecycle management
- Work with the University Information Management team and users to address data protection-related concerns
- Lead on a programme of cyber security training and awareness
- Be responsible for the IT Disaster Recovery plans, ensuring they are actionable and widely understood
You will have:
- An excellent working knowledge of cyber threat landscape including emerging threats, risks and vulnerabilities
- A working knowledge of cyber security legislation and standards such as GDPR, Cyber Essentials, PCI-DSS, ISO 27001
- Experience of cyber security systems, controls and best practice
- Excellent personal skills including the ability to plan and lead the cyber security programme, and communicate to both technical and non-technical audiences
- Demonstrable experience of cyber security tools, information security technologies and best practice processes
- Industry qualifications such as CISM, CompTIA, PCI ISA or similar would be highly desirable
- A solid understanding of security architectures
The University of Sussex values the diversity of its staff and students and we welcome applicants from all backgrounds.
How to apply
You must email your completed application, and personal details and equal opportunities form, to firstname.lastname@example.org
You should attach your application form and all documents to the email (don't use a web-based upload/weblink service) and use the format job reference number / job title / your name in the subject line.
You can also send your application by post to Human Resources Division, Sussex House, University of Sussex, Falmer, Brighton, BN1 9RH.