IT Cybersecurity & Compliance Team Lead
FULL TIME, PERMANENT
As the Security and Compliance Team Leader, you will be at the forefront of shaping our institution's resilience against digital threats. We are seeking an individual with a proven history in developing and implementing cutting-edge security measures, ensuring the protection of sensitive information, and maintaining compliance with regulatory standards.
You will also provide mentorship to the IT Security & Compliance Apprentice and the wider S&C team to ensure that they are supported, trained, informed, and challenged within their role.
Key Responsibilities
* Develop and implement comprehensive security strategies to safeguard digital assets and sensitive information within the college.
* Lead the planning and execution of security initiatives, ensuring alignment with organisational goals and compliance requirements.
* Manage the day-to-day operation of the security suite services, including overseeing the incident response protocols and leading investigations into security incidents, ensuring a swift and effective resolution. Ensure timely and effective response to security-related issues, minimising downtime and disruptions to college activities.
* Identify areas for service improvement and develop strategies to enhance security awareness training and awareness delivery to our end users. Collaborate with relevant stakeholders to implement best practices and optimize processes, aiming for continuous service improvement.
* Support the IT Security & Compliance team in conducting and documenting regular internal audits with all functions within the organisation to ensure working practices align with the CIPHR policy set.
* Navigate and interpret the regulatory landscape specific to Further Education, ensuring the institution's adherence to all relevant security and compliance standards.
* Develop and maintain policies and procedures to ensure ongoing compliance with industry regulations and best practices.
* Collaborate with IT, Business Support, and Academic teams to integrate security seamlessly into operations, fostering a culture of security awareness and responsibility.
* Provide guidance and support to departments across the institution, ensuring a comprehensive approach to security and compliance.
* Develop and deliver training programs to enhance the cybersecurity awareness of staff and faculty, empowering them to play an active role in maintaining a secure environment.
Qualifications
* A degree in a relevant field such as Cyber Security, Computer Science, Information Security, or a related discipline.
* Relevant professional certifications such as CISSP, CISM, or equivalent, demonstrating a commitment to ongoing professional development in the field of cybersecurity.
Knowledge & Skills
* In-depth knowledge of current cybersecurity threats, trends, and best practices, with a proven ability to develop and implement effective security strategies. Strong interpersonal and communication skills to effectively collaborate with stakeholders at all levels of the organization.
* Comprehensive understanding of regulatory frameworks relevant to Further Education in the UK, including GDPR, DPA, and other sector-specific compliance requirements. Proficiency in business analysis tools and techniques, such as process modelling, data analysis, and user story development.
* Proficiency in evaluating, implementing, and managing security technologies, tools, and systems to protect digital assets and sensitive information. Strong attention to detail and the ability to work independently with minimal supervision.
* Strong understanding of risk assessment methodologies and the ability to identify, prioritize, and mitigate security risks in a dynamic educational environment. Good oral and written communication skills with a capacity to deal effectively with staff, students, parents, employers, and others.
* Experience in developing and maintaining security policies, procedures, and documentation to ensure compliance with industry standards and organizational requirements.
* Proven ability to lead and inspire a Security and Compliance Team, fostering a collaborative and high-performance culture.
* Excellent communication skills with the ability to convey complex security and compliance concepts to both technical and non-technical stakeholders.
* Strong analytical and critical thinking skills, with the ability to make sound decisions in high-pressure situations.
* To have good leadership, administrative and organisational skills.
* To be able to demonstrate behaviours consistent with the College’s Core Values.
* To commit to the safeguarding and promotion of the welfare of children, young people, and vulnerable adults within the College.
* Ability to collaborate effectively with cross-functional teams, promoting a unified approach to security and compliance across the institution. Commitment to undertake any mandatory training relevant to the role.
* Skill in developing and delivering training programs to enhance cybersecurity awareness among staff and faculty.
Experience
* Proven experience (3 years plus) in a senior security role, with a history of successfully leading security initiatives and managing a team.
* Experience in developing and implementing incident response protocols, as well as conducting investigations and implementing corrective actions. Strong history of successfully delivering technology enhancements, including process analysis and refinement, solution design, and implementation.
* Demonstrated experience in navigating and ensuring compliance with regulatory frameworks relevant to Further Education.
* Preferably, previous experience working in a similar role within the education sector, understanding the unique challenges and requirements of educational institutions.
* Experience working with ITSM products from a ticket management perspective.