In this role, you'll be responsible for overseeing all technical elements within the Cyber Assurance workstream.

You'll manage the technical execution, vulnerability management, and implementation of mitigation controls, aligning them with the overall Cyber Assurance Strategy. Your focus will be on core applications, while driving assurance activities and maintaining regular engagement with senior management. You will also manage CAPEX/OPEX budget responsibilities related to project outcomes.

Key Responsibilities

• Lead the technical aspects of large-scale projects, ensuring the successful delivery of security measures and vulnerability management.
• Provide expert guidance on security matters across digital assets and applications, assessing current practices and developing future roadmaps.
• Oversee a multidisciplinary team, providing leadership and mentorship to ensure successful project delivery.
• Monitor and manage CAPEX/OPEX budgets, ensuring financial accountability and alignment with project goals.
• Regularly update senior management on operational performance, progress on security investments, and effective risk management.
• Step in for your line manager when needed.

A strong understanding of diverse technical stacks is essential for effective collaboration with teams specializing in architecture, networking, security, operations, cloud services, UNIX, databases, and application development.

Take full accountability for maintaining an operational control framework across the business's applications, managing technical testing schedules, and acting as the primary technical specialist for critical security controls at the first line of defense.

Core Responsibilities Include:

• Develop business cases to secure CAPEX funding for critical security projects.
• Conduct regular benchmarking of security posture and stay current on emerging technologies by running proof-of-concept initiatives to implement security enhancements.
• Establish and maintain security standards and best practices for the business.
• Oversee audits to ensure compliance with internal standards and external regulations.
• Monitor key risk indicators and implement mitigation strategies as necessary.
• Forecast operational costs based on the risk landscape and the Cyber Assurance roadmap.

What You'll Bring

• A degree-level education is required, along with extensive experience in shaping IT security strategies for organisations of similar size and complexity. Relevant industry certifications such as CISSP, CISM, or ISO27001 are highly desirable.

You should have demonstrable experience and expertise in:

• Managing security risks, including identifying, recommending, and implementing remediation plans.
• Reviewing technical designs across various IT and digital disciplines, ensuring appropriate controls are in place.
• Leading penetration testing and control assurance programs, with the ability to address gaps in current controls.
• Implementing and managing specialist security tools.
• Best practices in security and expertise in vulnerability and risk management for organisations with a mature security posture.
• Estimating and overseeing CAPEX and OPEX budgets.
• Understanding key regulatory requirements affecting IT security strategies.

You'll excel in a leadership role that demands a strong delivery focus, excellent stakeholder management skills, integrity, and discretion. You should be highly skilled in communication, able to foster strong relationships with stakeholders, and capable of influencing and negotiating effectively.

GCS is acting as an Employment Agency in relation to this vacancy.