We are seeking an experienced and proactive Programme Security Manager to lead security integration within a major programme, operating as the Delivery Team Security Lead (DTSL). This role sits at the heart of the Secure by Design workstream, ensuring robust cyber and information security is embedded from concept through to delivery.
Key Responsibilities
* Lead and coordinate the Secure by Design (SbD) workstream across programme stakeholders.
* Chair and manage the Security Working Group (SWG), ensuring effective governance and timely decision-making.
* Advise on security strategies, support acquisition planning, and ensure security is factored into all phases of delivery.
* Identify, record, and monitor security risks; support governance of cyber security risk registers. Support and prepare systems for Cyber Compliance Framework (CCF) audits using NCSC and NIST guidance.
* Guide development teams in embedding SbD principles and support secure development lifecycles.
* Liaise with incident response teams to coordinate security incident response and recovery.
* Oversee creation and maintenance of accreditation plans and associated documentation. Lead risk assessments and ensure compliance with the organisation’s security standards.
Essential Criteria
* Professional information security qualification (e.g. CISSP, CISM, CCP) or NCSC-recognised equivalent.
* Extensive programme-level experience in cyber/information security delivery and governance.
* Strong written and verbal communication skills, with the ability to communicate technical risk to varied audiences.
* Experience applying cyber control frameworks such as NIST CSF 2.0, NCSC CAF, and ISO 27001.
* Skilled in risk management, threat analysis, and cyber governance.
* Proficient in SIEM and analytical tooling to detect security incidents across complex IT environments.
* Sound understanding of enterprise IT systems and the security challenges they face.
* Up-to-date knowledge of current and emerging cyber security trends and threats.