Cyber Security Lead Ref : 1930

School/department: IT Services
Hours: full time or part time hours considered up to a maximum of 1 FTE. Requests for flexible working options will be considered (subject to business need).
Contract: permanent 
Reference: 1930 
Salary: starting at £41,526 to £49,553 per annum
Placed on: 21 August 2019 
Closing date: 30 September 2019. Applications must be received by midnight of the closing date.
Expected interview date: September / October 
Expected start date: As soon as possible 

Job description

This is an exciting time to join the University of Sussex, supporting us on a new journey of digital transformation. As a Cyber Security Lead you will be playing a crucial role in driving the implementation of new standards of excellence in cyber security.

You will be responsible for:

  • Acting as a champion for cyber security across the University, looking to drive improvements in all aspects of IT security including policies, operational processes, cloud security and ensuring a secure future architecture
  • Ensuring that threats to University systems and data are identified and monitored with appropriate plans for remediation
  • Leading the programme to achieve Cyber Essentials Plus accreditation initially and ISO27001 or other standards accreditation in the future
  • Coordinating strategic and operational cyber security efforts across the University

You will:

  • Work with the IT Leadership team to define, plan and lead a rolling programme of cyber security improvement activities
  • Manage the daily activities of the Cyber Security and Compliance Analyst to ensure monitoring, threats and incidents are prioritised and acted upon
  • Regularly review security incidents and update continuous improvement plans to ensure security measures are the best they can be
  • Lead and plan the activities necessary to achieve and maintain Cyber Essentials Plus certification
  • Be responsible for the definition and maintenance of the cyber security policy framework and associated policy lifecycle management
  • Work with the University Information Management team and users to address data protection-related concerns
  • Lead on a programme of cyber security training and awareness
  • Be responsible for the IT Disaster Recovery plans, ensuring they are actionable and widely understood

You will have:

  • An excellent working knowledge of the cyber threat landscape, including emerging threats, risks and vulnerabilities
  • A working knowledge of cyber security legislation and standards such as GDPR, Cyber Essentials, PCI-DSS, ISO 27001
  • Experience of cyber security systems, controls and best practice
  • Excellent personal skills including the ability to plan and lead the cyber security programme, and communicate to both technical and non-technical audiences
  • Demonstrable experience of cyber security tools, information security technologies and best practice processes
  • Industry qualifications such as CISM, CompTIA, PCI ISA or similar would be highly desirable
  • A solid understanding of security architectures

The University of Sussex values the diversity of its staff and students and we welcome applicants from all backgrounds.

Download job description and person specification Ref 1930 [PDF 131.42KB]

How to apply

Download our professional services application form [DOC 183.00KB] and personal details and equal opportunities form [DOC 162.50KB] and fill in all sections.

You must email your completed application, and personal details and equal opportunities form, to

You should attach your application form and all documents to the email (don't use a web-based upload/weblink service) and use the format job reference number / job title / your name in the subject line.

You can also send your application by post to Human Resources Division, Sussex House, University of Sussex, Falmer, Brighton, BN1 9RH.

Download our terms and conditions summary for Administrative Staff and Other related faculty [DOC 37.00KB]
