Description: |
- Lead the creation and evolution of the Agency's IS security policy, standards and guidelines, taking into considerationbusiness and legal requirements and best professional and industry practise, enabling the Agency to appropriately secureit's inform- Provide effective leadership and communication through clear objectives and personal development plans, so that theteam identifies with the- Our Clients' culture and vision, achieves agreed programmes of work and individual performance is optim- Lead and direct risk analysis of the current information technology environment and security controls to detectcritical deficiencies and recommend solutions for improvement.- Lead and direct reviews of the professional security community in order to identify best practise opportunities,industry security trends, and potential risks to the organisation.- Lead and direct the definition and maintenance of a set of IS security processes across the Agency, to provide astructured and consistent way of creating, maintaining, and enforcing the IS security across the organisation andexternal parties.- Design and direct the enterprise IS security governance structure and compliance activities (such as exception andexemption handling) ensuring that all information technology investments build towards the agreed business target and usethe defined principals- Lead the creation and evolution of the IS Security function to ensure the efforts of the core team and expert resourcesthroughout core business, CIS functions and external partners are effectively co-ordinated.- Lead the promotion and communication of the enterprise IS security programme and associated processes to allstakeholders within the organisation and partners to ensure a consistent understanding of the principles, standards andtargeted direction.- Lead the creation and delivery of an annual risk-based IS security audit programme to ensure that provision and uses ofInformation Systems are compliant, and also validating that the policy is practically fit for purpose, identifyingappropriate remedyFurther details on request |
