Head of Data Security and Compliance job vacancy

Confidential

Overview: Head of Data Security and Compliance job vacancy in Not Specified recruiting now

Ref: 216874534
Employer: Confidential
Location: Not Specified, United Kingdom
Salary: London £71,310 – £80,384
Employment Type: Permanent

Job Details:

Summary
At HMRC, we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.

We want to maximise the potential of everyone who works for us, and we offer a range of flexible working patterns and support to make an exciting career at HMRC accessible to you.

Diverse perspectives and experiences are critical to our success, and we encourage applications from all people from all backgrounds with the experience and skills needed to perform this role.

About the Customer Compliance Group (CCG) & Customer Compliance Finance & Planning (CCFP)

Customer Compliance Group (CCG) is a Business area that ensures that HMRC successfully collects the full and correct amount of money due from UK taxpayers, investigates offences against the tax system and takes action to identify and mitigate potential threats. In CCG, we want to provide a quality service to help customers get their tax right. We want to make it easy for them to repay or receive the right money at the right time.

With one of the largest enterprise changes taking place on information management and security, this is an exciting time to join Customer Compliance Finance & Planning (CCFP) Directorate, within our Customer Compliance Group (CCG) business group. In CCFP, a significant part of our role is working as a central service function for CCG business group that includes multiple directorates.

Responsibilities
This role brings the opportunity to provide leadership and drive delivery, which enables the department to understand the benefits of UK GDPR compliance and the risks of non-compliance. Work collaboratively with colleagues across the department to define and implement strong foundations of compliance for use across CCG.

As Head of Data Security and Compliance, you will be:

• Leading improvements in information security and data compliance in CCG by designing, building, and delivering a robust data compliance regime in our business operation, against legislative requirements, policies, frameworks, and best practices (e.g., ICO Accountability Framework, ISO27001, National Cyber Security Centre (NCSC) Cyber Assessment Framework).

• Driving risking, remediation and compliance activities, identifying gaps, progressing mitigation plans to make sustainable improvements, and reducing data protection and security risks, keeping customer data safe.

• Ensuring that the development of products, artefacts, processes, and deliverables is systematic, repeatable, and consistent – leading deployment of information security activities (e.g., Data Protection Impact Assessments (DPIA); security risk/impact assessments; remediation and mitigations; Records of Processing Activities (ROPA); risk appetite / tolerance, etc.).

• Driving changes in accordance with data strategy and enterprise security services, consistent with HMG and recognised Security and Data practices.

• Responsible for producing Management Information and statistics to demonstrate progress. Coordinating and developing commissions and senior briefings.

• Developing, implementing and amplifying policies, procedures, guidance, and best practice, in accordance with legislation and regulatory expectations; and ensuring oversight through effective governance.

• Driving strategy, positive culture change, commissions, operational deliverables, and new technology/services in the business through designing and running effective campaigns; taking people on a journey.

• Engaging across the department and externally on data and information security through designing and running campaigns. A self-starter, leading from the front with their ability to apply hands-on expertise.

• Promoting and championing the continuous development and improvement ethos, showing leadership through a flexible approach, improving staff capability and developing robust data and security plans – in a fast and changing environment.

Essential Criteria:

You are required to demonstrate experience of the following within your application:

• Holds 2 or more from the following academic or professional qualification list or equivalent:

– Graduate or a postgraduate qualification in a data, information security, cyber, law or engineering related subject.

– Professional certification from CISSP, CISM, CISA, ISO27001 ISMS Lead Auditor, GDPR/Data Protection Practitioner, SABSA, GIAC or equivalent.

• Extensive experience in information security, cyber, governance, risk and compliance (GRC), with working knowledge of using industry best practices and frameworks (examples: ICO Accountability Framework, NCSC Cyber Assessment Framework (CAF), ISO27001 Information Security Management Systems (ISMS), NIST or equivalent).

• An excellent communicator at all levels, with strong written ability, who builds effective stakeholder relationships and creates trust through hands-on experience.

• Ability to present and brief at director level on complex data and information issues, presenting visual aids that are clear and concise.

• Proven record in delivering cyber, information security or data compliance programmes and deliverables (examples: Asset Registers; DPIA; security risks/impact assessments; Remediation Plans; Risk Appetite / Risk Tolerance; ROPA).

• Developed frameworks, policies, procedures, guidance and/or best practices in data protection, information security or cyber.

Desirable Criteria:

• Applied cyber, information security, assurance, or compliance activity in UK Government.

• Experienced in delivering technology/cloud services, for example: AWS and/or Microsoft products (Azure, O365, SharePoint online).

• Technical or architectural knowledge of Microsoft Cloud Services.

• Held a leading information/data security role (e.g., Data Protection Officer, CISO/Deputy, IAO) or knowledge of generating MI/statistics e.g., Tableau, Power BI.

