Information Security Manager
The Information Security Manager will provide leadership and guidance in all areas of NNL information security and its associated compliance programme. This role forms part of the Cyber Security and Information Assurance (CS&IA) Team within Technology and Digital Change.
1. Ensure a strong control environment, incorporating security best practices, policies and procedures into all areas of the NNL.
2. Manage compliance with both contractual obligations and regulatory requirements.
3. Develop and maintain effective project Security Assurance processes.
4. Assist with system accreditation, in accordance with local accreditation standards.
5. Manage CS&IA risk management activities.
6. Support the NNL internal assurance plan.
7. Ensure the NNL is compliant with Information Security policies and procedures, and in alignment with its ISO27001 and Cyber Essential Certifications.
8. To ensure that IT Disaster Recovery Plans are in place and tested, with appropriate reflection of business expectation for critical IT and OT services.
9. Deliver security education activities.
10. Develop incident response exercises.
11. Provide on call support to the resolution of CS&IA incidents as scheduled.
12. Investigate any CS&IA Events reported across the business as directed.
13. Work as an active member of the NNL Security community to promote continuous improvement, good governance and risk management.
14. Liaise with Information Asset Owners (IAOs), providing support and guidance as required.
The Ideal Candidate
1. possess an extensive breadth and depth of knowledge and knowhow across all aspects of Information Assurance , Cyber Security, Data Governance and Security;
2. be an experienced Cyber Security and Information Assurance SMT member at equivalent medium to large enterprises and familiar with the challenges of Management, Operations and Strategic Planning;
3. have the knowledge and experience to recommend, adopt, customise, integrate and apply industry standards and frameworks
4. have a demonstrable background in accredited environments and balancing business benefit and technology risk working close with Chief Architect and to develop appropriate risk balance cases and documentation;
5. have strong communication and influencing skills and the ability to build relationships and influence senior stakeholders;
6. have excellent planning and organisational skills;
7. be knowledgeable of business re-engineering principles and processes;
8. be comfortable managing multiple third party and external industry, regulatory and statutory stakeholders and obligations;
9. have demonstrable experience leading an architecture practice;
10. have extensive experience in at least two IT disciplines (such as technical architecture, solution architecture, application development or middleware design);
11. be qualified to at least degree level;
12. have the ability to achieve SC clearance.
About The Company
Grounded in robust science and decades of experience, National Nuclear Laboratory (NNL) is the authoritative voice in the UK and beyond for technological development within the nuclear power sector.
Our unparalleled understanding of the science, challenges and opportunities makes us an unrivalled authority and partner in the field, providing experts, technologies, and access to cutting-edge facilities to organisations around the world.
Harnessing potential technologies and translating them into to industry-ready solutions means our pioneering approach spearheads international improvement and technological progress.
We work on projects as small as drilling a hole to analyse underground wastes with our integrated micro drilling technology, or as large as developing state-of-the-art power systems for spacecraft, based on radioactive materials
NNL has a vision for Equality, Diversity and Inclusivity (ED&I) where NNL aims to be an inclusive workplace that attracts diverse talent through transparent and equal policies and procedures. We want you and the diverse mix of people that we employ, customers that we service and stakeholders that we influence to feel valued. We encourage a workplace culture where everyone can thrive with a sense of belonging.