It director

Closing Date:

17/04/2026

Group:

Corporate Group

Management Level:

Senior Management Specialist

Job Type:

Permanent

Job Description:

How to Apply

JNC Recruitment is managing this vacancy on behalf of Ofcom. Please note that this role will close at 00:01 on 17th of April. Please direct your application to ross.richards@jncrecruitment.com

About Ofcom

As the UK’s communications regulator, we’re delivering vital work that helps keep the UK connected and shapes the future of how we’ll stay connected with each other.

Our work covers everything from phones and broadband, through to TV, radio, the postal service, and wireless devices. We’re also taking on the challenge of making the online world a safer place. And we need people of all backgrounds, skill sets, and experiences to help us achieve our goal of making communications work for everyone.

About the team you’ll be part of

You will join a forward-looking complex regulatory organisation, committed to shaping the future of its technology. You will be leading a team that:

1. Provides robust and reliable technology platforms that enable the organisation to achieve its strategic objectives including operational maintenance.

2. Ensures that new AI functionality introduce in core platforms and existing applications does not pose a risk to Ofcom data or systems.

3. Manages cybersecurity across the estate, maintaining high standards of protection.

4. Administers complex vendor contracts and outsource agreement for IT services ensuring maximum value and cost efficiency.

5. Delivers comprehensive IT support services as required by the organisation.

6. Provides rigorous operational financial management to ensure cloud and compute costs are minimised

The purpose and scope of the role

As IT Director you will be responsible for delivering efficient and secure infrastructure and technology support for Ofcom’s complex regulatory environment. A hands-on Director, your responsibilities include:

7. Provide end‑to‑end accountability for cyber security across the core Windows estate and critical enterprise platforms, including Salesforce, Workday and the corporate website, ensuring risks are proactively managed and controls remain effective.

8. Lead the availability, resilience and performance of networks, infrastructure and platforms, ensuring services are reliable, scalable and able to meet organisational and regulatory requirements.

9. Own service management for end‑user computing, desktop and application support, ensuring services are delivered in line with agreed service levels and continuous improvement expectations.

10. Manage complex supplier relationships across a multi‑supplier environment, driving value for money, service quality and performance within a fixed and constrained budget.

11. Lead financial management for technology operations, including cloud services, compute and associated running costs, maintaining strong cost control, transparency and forward planning.

12. Oversee the operational maintenance, patching and lifecycle management of platforms and infrastructure, ensuring environments remain secure, supported and fit for purpose.

13. Lead a team of onshore and offshore resource to deliver the service.

14. Work in close partnership with Digital, Data and AI Director and team to ensure technology operations align with long‑term business strategy, enabling the organisation to deliver its mission effectively and sustainably.

This role requires deep expertise in providing secure and trusted environments together with a hands-on approach

Your Key Responsibilities

End to end cyber security ownership

15. Provide executive accountability and practical leadership for cyber security across the core Windows estate and critical enterprise platforms (Salesforce, Workday, corporate website). Set risk appetite, implement proportionate controls, and lead response to threats. Maintain a living risk register, drive remediation, and personally oversee high severity incidents. Leverage the Microsoft security stack to harden endpoints, identities, data and SaaS integrations.

ISO/IEC 27001 leadership

16. Own the operational delivery of your domain and ensure alignment to ISO/IEC 27001. Keep the Statement of Applicability current; evidence control effectiveness, and drive non-conformance management. Prepare for surveillance/certification audits, coordinate internal audits/assurance, and ensure suppliers supporting AI/data/cloud services meet contractual and technical security obligations. Embed secure by design, change control, logging/monitoring, vulnerability management and BC/DR requirements into operational processes.

Network, infrastructure and platform resilience

17. Lead the availability, resilience and performance of the network, infrastructure and platforms. Set and meet RTO/RPO targets; design and test failover and disaster recovery; oversee capacity/performance management and patch hygiene. Apply SRE/operational excellence practices to achieve reliable, scalable services that meet organisational and regulatory requirements.

Service management and user experience

18. Own end user computing, main phone system, company mobile phones, desktop and application support with service management. Ensure incident, request, problem, change and release processes are disciplined and outcome focused. Uphold SLAs and drive continuous improvement through analytics, feedback and self-service. Maintain a modern Windows 11 build; manage configuration and compliance. This also includes service management for our contact centres.

Cloud platforms (with depth in Microsoft Azure)

19. Provide leadership for cloud operations—primarily Azure. Ensure secure connectivity, identity architecture (Entra ID), password management, backup/recovery, cost controls and platform guardrails.

Microsoft estate expertise

20. Serve as the executive owner for the Microsoft stack across identity, endpoint, collaboration and security. Set standards for conditional access, MFA, privileged access (PIM), device compliance, app protection policies, baseline hardening and tenant hygiene. Oversee Defender for Endpoint/Identity/Cloud/Office detections and response; tune Sentinel analytics/playbooks; govern Power Platform environments and manage lifecycle and sprawl.

Multi supplier/vendor management

21. Manage a complex supplier ecosystem. Hold suppliers to account on KPIs/SLAs, security obligations (incl. ISO 27001 alignment), service quality and value for money within a fixed public sector budget. Negotiate commercially robust contracts and ensure exit/transition, supportability and knowledge transfer are embedded.

Financial management and FinOps

22. Lead financial stewardship for technology operations: cloud services, compute, licensing and run costs. Work with Finance Business partner to control spend and forecast accurately, providing transparency to the PMB/Executive on cost drivers and benefits realisation.

Operational maintenance and lifecycle

23. Responsible for patching and vulnerability remediation, asset/configuration management, and hardware/software lifecycle. Ensure secure configurations, certificate/key management, and robust backup/restore tests across on premise and cloud workloads.

24×7 service delivery leadership

24. Lead a blended team of onshore colleagues, and offshore partners to deliver robust operations. Set rotas/major incident practices, ensure clear escalation paths, define RACI across internal teams and suppliers, and invest in capability (training, runbooks, automation). Foster a culture of accountability, inclusivity and high performance.

Leadership

25. Provide visible leadership to IT operations team, setting clear direction and expectations for secure, resilient service delivery. They will build a high‑performance culture based on accountability, collaboration and continuous improvement, actively engaging with the team on priorities, risks and incidents. Through inclusive leadership, clear communication and a strong focus on capability development, they will support colleagues to take ownership, manage complexity and deliver reliable outcomes at pace.

Collaboration with Digital, Data and AI Team

26. Partner closely with Digital, Data and AI Director to align operations with long term strategy. Provide secure, well governed platforms for analytics and AI (data governance, privacy by design, access control, model hosting/monitoring), and ensure technology choices accelerate delivery of organisational outcomes.

Risk, compliance and assurance

27. Providing clear reports for PMB, Risk and Audit/Board committees. Ensure compliance with relevant public sector guidance and regulatory obligations. Run regular exercises (tabletop, red/blue team, DR tests) and drive remediation to closure.

Continuous improvement and automation

28. Champion automation and adopt metrics driven improvement. Celebrate early wins and scale proven practices across teams and suppliers.

The skills, knowledge and experience you’ll need for success.

Skills & Experience

29. Hands-on experience in IT leadership roles within complex organisations with tight budgets.

30. Deep understanding of IT governance, risk management, and compliance frameworks.

31. Demonstrated ability to manage complex large-scale IT budgets, contracts, and vendor relationships.

32. Proven track record in developing and executing IT strategies and digital transformation initiatives.

33. Proven track record of enterprise architecture, cloud computing, cybersecurity, and emerging technologies

34. Experience of Microsoft infrastructures essential.

35. Salesforce and Workday highly desirable.

36. Experience in leading multidisciplinary teams and managing change.

37. Experience of negotiating highly complex vendor relationships and associated contracts.

Qualifications

38. Bachelor’s or Master’s degree in Computer Science, Software Engineering, or related field.

39. Extensive experience in IT infrastructure provision in regulated environments with strong cyber security. Significant senior leadership experience.

Behaviours

40. Strategic thinker with a results-driven mindset.

41. Collaborative and able to influence at all levels.

42. Adaptable to change and promotes innovation.

Inclusivity Statement

Ofcom has a clear mission: to make communications work for everyone. To be able to deliver on this, we want our organisation to reflect the diversity of background, experience, upbringing and thought that exists across the UK. We aim to recruit from the widest pool of candidates possible – no matter your social background, age, ethnicity, sexual orientation, gender, or disability. We also warmly welcome applicants who are returning to the workforce after a break – for whatever reason. If you have taken time away and are ready to rejoin, we look forward to reviewing your application.

Where positions are listed as full-time, we remain open to reduced hours, part-time arrangements, job shares, and other flexible working options. From day one, we champion flexible work arrangements to accommodate individual needs. You can read more about our Rewards, Benefits and Well-being on our careers page.

Our recruitment processes prioritise accessibility and inclusivity. If you need adjustments, information in an alternative format, or prefer to apply in a different way, please contact us at resourcing@ofcom.org.uk or call 0330 912 1378.

As a Disability Confident Leader, we offer interviews to disabled applicants who meet essential criteria for advertised roles. Learn more about this scheme here. https://careers.ofcom.org.uk/careers/how-we-hire/