Note: The cyber security standards, assessment and design of HS2s railway operational technology (signalling, SCADA systems, railway access control and video surveillance etc.) will be managed by the infrastructure directorate and is not a direct accountability.
About the role:
- HS2 lead for Information security delivery across all HS2 sites, locations, staff and across the supply chain
- Deliver specialised information and cyber security assurance services to the whole of HS2 Ltd’s corporate functions with appropriate due diligence of projects and contracts, and if required change requests
- Accountable for assuring the outcomes of the HS2 Information and Cyber Security Strategy and Policy are delivered in line with the HS2 Security Strategy and coordinated with other security functions
- Responsible for delivering governance and assurance of Information and Cyber Security across HS2 Ltd’s corporate functions, and with IT of our supply chain, to ensure compliance with government policy, legislation and contractual requirements
- Continuously assess strategic information and cyber security threats and work with relevant stakeholders to ensure adequate controls are in place
- Deliver Information and Cyber Security training as follows: to all staff annually ensure awareness of relevant policies and procedures, to Information Assets Owners so they are familiar with their role and responsibilities relating to information risk, and as required and deconflicted with IT to individuals and teams so that HS2 is able to rapidly respond to information incidents in line with the information breach management process and the HS2 Incident Management Plan
- Manage internal and external cyber security audit and assurance activities and assist in the achievement of best industry standards
- Management of information and cyber security risk ensuring that appropriate controls are in place to ensure risk remains within our appetite and that information in HS2 is held securely and legally
- Lead HS2’s strategic interactions with the DfT Information Security Unit, National Cyber Security Centre (NCSC), the Centre for Protection of National Infrastructure (CPNI) and other dependent Government agencies for all HS2 related corporate information and cyber security related activities
- Actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work and support and comply with all organisational initiatives, policies and procedures on EDI.
- Current certification to CISM, CISSP, or other information security qualification of similar standing
- Knowledge of HMG’s Security Policy Framework and governance of information assurance within the UK public sector
- Knowledge of Information and cyber security risk management
- Experience as an information & cyber security lead for a large, complex organisation within the UK
- Experience of developing and implementing IT security strategies, objectives and plans minimising disruption to the business
- Experience of building relationships with key internal and external stakeholders and senior colleagues
- The post-holder is expected to behave at all times in a manner consistent with the HS2 values of Safety, Leadership, Integrity and Respect.
- It is expected that you will actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work and support and comply with all organisational initiatives, policies and procedures on EDI.
We ask for a variety of detail in your online application, however we perform the first assessment of suitability for a role based solely on the information in your CV. Please attach an updated word version of your CV for each new application and include evidence directly related to the criteria in the job advert.
High Speed 2 (HS2 Ltd) will be the UK’s new high speed rail network. As well as improving capacity, the new scheme will shorten journey times between a number of Britain’s major population centres, boost the economy and create thousands of jobs.
HS2 Ltd will create a skills legacy and develop a diverse range of talent. We aim to be a leader in EDI practice by creating a safe & inclusive working environment for all our staff – living our values of Safety, Respect, Integrity and Leadership.
HS2 Ltd is also a safety-critical organisation. Employees are required to ensure reasonable care of their own and others’ health and safety by taking personal responsibility for working to our ‘Safe at Heart’ programme principles and following safe working procedures at all times.
We operate broad pay scales for all our roles to enable us to fulfil our commitments to inclusivity and career development. Final package is dependent on individual knowledge, skills and experience. In addition, we offer a range of competitive benefits – check them out in the Benefits section on our website.
HS2 Ltd endeavours to ensure everyone working for us and with us feels included, thrives and achieves their full potential. In practice, this means we are positive and inclusive about making adjustments, providing flexible working, encouraging our staff networks to flourish and providing personal and professional development opportunities.
Closing date: 16 May 2022.
Contact Name: HS2
Job ID: 3077046