CISO - Cyber Security

Position Description:

As part of a major IT outsource contract we are looking for candidates for a Chief Security Officer role in Newtown St Boswells, Scottish Borders. You will be a critical member of the leadership team working on this prestigious programme. This is a senior role reporting to the client director and operating at the highest levels in both the client and, when necessary, at CGI UK Board level. You will need to be self-assured and able to operate in a client environment as the “face of CGI Cyber”. You will need to proactively liaise with the key members of the client’s security management and IT teams. You will work with colleagues from in other similar IT outsource engagements, CGI’s Cyber practice and infrastructure management organisation to manage additional resources and specialist skills such as pen testing, risk analysis, forensic incident handling and business continuity.

Your future duties and responsibilities:

Duties and responsibilities:
• Day to day management of the security of CGI delivery to the client ensuring progress in all security actions.
• Leading the handling of security incidents
• Providing senior client staff with ad hoc advice on security aspects of the CGI engagement and other issues as they arise
• Management and running of the CGI/Client Security Forum, including production of Minutes
• Maintaining the ISMS in accordance with the ISO/IEC 27000 series of standards and ensuring it is taken on by all parts of CGI implemented.
• Overseeing the review of Change Requests from a security perspective
• Ensuring business continuity is managed, for the CGI provision to the Client, in accordance with the ISO 22301 business continuity standard
• Ensuring security audits are undertaken in a timely manner and results promulgated both within CGI and within the Client – this will include both technical penetration testing as well as wider validation of the ISMS
• Ensuring security awareness is maintained in the CGI team allocated to the contract
• Ensuring that new joiners are on-boarded in a secure manner and that any necessary Client specific briefings are given
• Ensuring that programme leavers are off-boarded in a secure manner and that they are reminded of their confidentiality undertakings. This is both for individuals leaving CGI as well as those transferring to another project in CGI
• Ensuring compliance with the security aspects of the contract with the Client are maintained and that any issues are highlighted to appropriate CGI managers in a timely manner if issues area foreseen.

Required qualifications to be successful in this role:

A solid Cyber Security background preferably gained from operating in a local government, healthcare and/or financial environment in the past and should previously have held an operational security management. You should ideally already hold UK Security Clearance to SC level or be willing and eligible to undergo this level of clearance.
You will be based in either our Edinburgh or Newtown St Boswells office with at least 3 days per week on the client site in Newtown St Boswells.

Direct experience in leading best-in-class IT security function in high risk exposure industry or environment
• Proven ability to operate within the financial services industry
• Ability to interact professionally with colleagues and/or customers for different purposes in different contexts
• Ability to collaborate across the organisation
• Maintain composure under pressure
• Ability to comprehend and follow verbal or written instructions
• Effective verbal and written communication
• Certified Information Systems Auditor (CISA) or Certification for the Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)