About Us:
Were Nominet a world-leading domain name registry operating at the heart of the UK internet. While we're best known for running .UK domains, our DNS expertise also underpins critical internet infrastructure that government services, including the NHS, rely on.
As a public benefit company, our work has a positive impact on society. Weve donated millions to projects that use technology to improve peoples lives and have committed to delivering £60m worth of support over the next three years.
The Role:
We are looking for a Chief Information Security Officer to deliver an industry leading security posture at Nominet.This is a critical role with responsibility for all aspects of Information Security.
The role will ensure Nominet remains at the forefront of regulatory compliance and standards while delivering exceptional operational performance across the business. You will work with our engineering teams to help underpin and realise our ambition to become a world class software company. Protecting the Nominet from security threats and cyber risk is of paramount importance for a company running critical national infrastructure and this role is pivotal to upholding security standards through a period of business change.
Reporting to the CTO, the CISOis a key member of the extended leadership team whose purpose is to be an advocate for Nominetstotal information security needs. The CISO is responsible for the development, direction, management and delivery of information security across the business both internally and externally. The role will encompass communications, applications and infrastructure, including the policies and procedures which apply across the company.
As CISO you will lead the on-going development and implementation of a security program that involves all business teams. Leading information security governance to advise the senior leadership team and the executive team on security direction while ensuring risk management is managed effectively with appropriate policies and controls.
What You'll Be Doing:
1. Support and drive Nominets ambition to become a World Class Software Company
2. Functional Leadership
3. Deliver a Secure and Resilient business
4. Ensure security and resilience remains a priority in the delivery of Nominets group operations
5. Maintain a current understanding of the IT threat landscape for the industry
6. Enhance, develop and maintain key operational procedures with a standards-based approach for all security work, ensuring effective development and operational compliance to applicable recognised standards
7. Lead the security requirement inputs for key transformation projects
8. Operate as Nominets Security Ambassador both Internally & Externally championing Nominets role in the industry
9. Develop and embed a security focused culture across the organisation. Communicate best practices and risks to all parts of the business. Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced
10. Brief the Board, Executive Team, senior management team and other key stakeholders on status and risks
11. Be a key partner to the CTO in helping to create strategy and process that will further the work of the organisation and ensure Nominet has the highest possible operational and technical security procedures in line with expectations of an operator of Critical National Infrastructure
12. Ensure Business Continuity
13. Support New Business Development
14. Contribute to the development of key internet and security standards
15. Develop relationships with existing CERT and responder community, looking to proactively develop new ideas
About You:
The criticality of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders and external partners. There is a balance to be found between security strategy, good practice and other priorities at an organisation wide level, e.g., project delivery with clear security guardrails. This position needs a proactive and enthusiastic team lead who is excited by managing technology to deliver world-class data support to the Nominet business.
Must Haves:
16. 10 years+ experience working in an IT-Security role
17. 5 years+ in lead or management positions
18. A good understanding of Internet, DNS, threat analytics, networking and infrastructure technologies
19. In-depth knowledge of current security threats and issues as well as mitigation techniques
20. Skilled in policy debate and discussion
21. Experience working on committees and working groups with an ability to drive decisions through consensus
22. Digital leadership skills capable of empowering and leading a security team to meet business and security goals
23. Solid people management skills providing direction, monitoring performance, motivating staff and building a positive working environment
24. Ability to adapt to a fast-moving threat landscape and keep pace with latest thinking and new security technologies
25. Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
26. Strong customer focus able to meet the demands of internal and external customers
27. Excellent communication skills providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
28. Flexible and adaptable capable of changing direction where required and showing flexibility to meet new demands
29. Creative thinking able to look at alternatives and consider new ways of thinking to problem solve
Proven experience with:
30. Developing and delivering security strategies ideally in the environment of critical national infrastructure
31. Working with Board and Executive level management
32. Developing compelling and impactful business cases and presentations
33. CISSP, CISP, CISM or equivalent qualification highly desirable
34. Experience with Cyber Essentials, ISO /2 (or BSI equivalent) standards desirable
35. Previous government security clearance, e.g., SC/DV
Working at Nominet:
Our people make things happen, but our values are our compass as a company, guiding our day-to-day work and building our culture. They reflect that we're strongest when we're proactive and pull together, while underlining the importance of a "glass half full" mindset and aiming to keep things simple for success.
What We Offer:
36. Early Finish Friday Working week of 34 hours with full-time pay. (Finish at midday on Friday)
37. 30 days of annual leave plus bank holidays, with the ability to purchase an additional 5 days
38. Bupa private healthcare + Employee Assistance Programme
39. Electric vehicle scheme with on-site charging points
40. Rewards platform with access to discounts at hundreds of shops, restaurants etc.
41. Medicash discounts on routine healthcare including optical, dental and much more
42. Company and individual performance-based annual bonus
Diversity Statement:
We're passionate about creating a workplace where every individual is valued, respected, and empowered. Somewhere we can benefit from all forms of diversity and discover the true value in our differences. If there are any adjustments we could make to the recruitment and selection process to support you, please let us know
Security Statement:
Nominet is committed to the safeguarding and welfare of the internet and expects all employees and volunteers to share this commitment by participating in the relevant security and screening processes. All roles working for Nominet will be subject to a Baseline Personnel Security Standard (BPSS) check. Some roles due to the nature of their work, will require additional security clearance.