Information Technical Security Officer

This is a challenging new post within the Information Systems (IS) Office. The post holder will lead the Assembly’s Information Technology Security functions. This is a key change role within the Assembly, supporting and reshaping the provision of information systems and enabling other parts of the business to perform effectively. The Information Technology Security Officer (ITSO) will work in a specialised role responsible for developing, implementing, and maintaining the Northern Ireland Assembly Commission’s information security policies and procedures, to ensure information security and compliance with legislation and best practice. The ITSO will endeavour to ensure the confidentiality, integrity, and availability of all data and information systems, by protecting them from internal and external threats. The ITSO will collaborate with IS Office teams and the Data Protection and Governance Officer to align security practices with regulatory requirements and business objectives. They will take a lead role in safeguarding the Assembly Commission’s information assets and ensuring a proactive stance against evolving cybersecurity threats. The ITSO plays a key role in strengthening the Assembly Commission's defences and fostering a security-conscious culture across all Business Areas.
This is a key role in the organisation, and the post holder will have significant influence on any discussions relating to IS matters. The post will frequently involve a “challenge” aspect to the plans of other Assembly Business units and/or Directorates and this requires excellent communication skills and a degree of assertiveness when required.
Job Description: The main duties and responsibilities of the post are:Strategic

• Work alongside the Head of IT to develop the Assembly Commission’s IT vision, strategy and accompanying action plan and deliver it through a robust programme and project management framework, in line with best practice, to support the continuing digital transformation of Assembly and Assembly Commission business.
• Identify future challenges in the IT landscape and develop relevant mitigation strategies.
• Research and evaluate existing and emerging technologies, products and services, particularly cloud computing, to identify potential areas of improvement and support new ways of working.
• Provide strategic and authoritative technical advice to the Director of Parliamentary Services, Senior Management Team (SMT) and the Head of IT on matters relating to Assembly Commission systems, applications, policies and processes.
• Represent the Assembly at external forums and events, building and maintaining effective and constructive external relationships.

Operational

• Developing and Leading staff
• Leading and managing staff and teams to build a high-performing team that is focused on delivering excellence in all aspects of service delivery.
• Promoting a culture of learning and innovation with a strong customer ethos.
• Information Security Management
• Security Operations
• Compliance and Regulatory Alignment
• Security Awareness and Training
• Supplier and Third-Party Management
• Documentation and Reporting

Operational Developing and Leading StaffInformation Security Management
Risk Assessment and Incident Response
Security Operations
Compliance and Regulatory Alignment
Security Awareness and Training
Supplier and Third Party Management
Documentation and Reporting

Essential Criteria:Applicants for the post of ITSO must, by the closing date for applications:Possess at least a Bachelor’s (or higher) Degree in Computing or other discipline relevant to Information Systems / Information Technology, Cybersecurity or Network Administration*.
Plus
Have a minimum of 3 years’ experience in each of the areas a) - c) described below:

• Working across a multidisciplinary technology stack;
• Cloud environments (AZURE / AWS);
• Firewalls (On premise / Cloud services);
• Intrusion Detection / Prevention Systems;
• Security Information & Event Management tools (SIEM);
• Data Loss Prevention (DLP);
• Endpoint Management;
• Networking, Protocols & Vulnerability Management;
• Encryption & Identity Management;
• Policy creation; and,
• Developing and delivering Cybersecurity related Training.

• Working in roles such as, Security Operations, Incident Response and Investigation, Risk Management and / or Network Security and Architecture.
• Working knowledge/experience of information security management systems (ISMS)

AND
Possess a professional certificate that aligns with the responsibilities of the certificate of role, such as Certified Information Systems Security Professional; CISSP, Certified Cloud Security Professional (CCSP)).

ORHave at least 6 years’ experience working in a cybersecurity role, demonstrating progressive experience in technical and operational aspects of Cybersecurity.
Plus
Have a minimum of 3 years’ experience in each of the areas a) -c) described above.
AND
Possess a professional certificate that aligns with the responsibilities of the role certificate, such as Certified Information Systems Security Professional; CISSP, Certified Cloud Security Professional (CCSP) and have the ability to demonstrate knowledge of information security management systems (ISMS).

*NB only those courses with a computing content of 50% or more will be considered and applicants must give full details on the application form of how the content of the course meets this requirement.
What you need to do nowIf you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk