Chief Information Security Officer |CISO|

Job description
Closing Date

2024-10-13

Job Title: Chief Information Security Officer (CISO)

Location: Durrington (Worthing) Hybrid

Contract Type: Permanent

Hours: 37/ week

There has never been a better time to join our organisation as we build towards a greener future, tackling climate change, minimising our environmental impact, and reducing our carbon footprint!

In this role, you will be responsible for managing and monitoring the IT/ OT and Information security strategy, in conjunction with the Operations, Data Protection, Security and Governance teams.

You will ensure security is maintained and communicated as required across the organisation.

Job Overview

Reporting to the CIO and other IT Heads, you will act as the trusted Advisor on all things relating to Information Security. You are responsible for planning, implementing, monitoring and remediating the information security policy.

Responsibilities Will Include
• Providing information governance (IG) advice and guidance to senior stakeholders across the business
• Assisting with IG related issues
• Providing security reports to senior stakeholders and authorities, internally and externally
• Implementing, managing, updating, and acting in accordance with, the Information Security & information governance policies
• Management and leadership of staff to deliver and demonstrate security and operational compliance within the Information Security, Information, Governance, Risk & Compliance function
• Oversee incident response planning as well as investigating and reporting actual or potential security incidents
• Undertake and report on regular information security audits / access control checks, as required
• Identify changing threat models & vulnerabilities, and implement appropriate risk-based response
• Ensure risks are effectively captured and managed within the IT function, aligned with group guidelines, company guidelines and leading practice
• Responsible for risk and compliance assessments, including penetration tests, within a defined functional or technical area, using a consistent process for identifying potential risk events; quantifying and documenting the probability of occurrence and impact on the business. This will include the production of control and countermeasure recommendations and approaches which will then inform a robust risk mitigation plan
• Be an advocate for information security and information governance in Southern Water with staff, customers and 3rd parties; promoting awareness, training sessions / road-shows, and the positive benefits to the organisation

About You

You will have significant experience working as a CISO in a medium to large, complex organisation, ideally with knowledge and experience of national security.

You Will Have
• Proven track record in establishing and managing Information Security and IG in a regulated environment
• Working knowledge of pertinent security and compliance law and standards pertaining to international regulated environments (e.g. GDPR, NIS, PCI-DSS, ISO27000 etc)
• Must have a solid understanding of information technology, information security and Information Governance. Physical security knowledge a bonus
• Relevant professional qualification e.g. CISSP, CISM or PCIP accreditation
• Educated to Batchelor’s degree level (or equivalent), with considerable professional experience operating at a senior level in the private and/ or public sector with a demonstrable track record of managing security services, Information Governance and operational risk
• Ability to assimilate business information quickly and translate that into effective IT plans
• Ability to effectively prioritise and execute tasks across multiple stakeholders
• Proven analytical and problem-solving abilities
• Keen attention to detail
• Track record in working with third party vendors to deliver software supply, support and solutions
• Excellent written and oral communication skills and ability to present ideas in business friendly language
• Gravitas and ability to influence senior stakeholders
• Strong self-motivation and is a self-starter
• Strong leadership skills and ability to shape the team to maximise delivery and develop potential
• Good customer service orientation
• Familiarity with industry-standard IT and security process frameworks
• Experience leading presentations and facilitating workshops up to, and including Board level
• Experience working in a team-oriented, collaborative environment
• Experience with business continuity planning, auditing and risk management
• Commercially aware with exposure in contracting & financial management
• Background and understanding of regulatory environments is an advantage, but is not a prerequisite
• Strong technical knowledge of end-to-end provision of IT services. While specific technical knowledge is not required, ability to see the end-to-end customer journey and understand the technical interlinking of components (including in-life service) is necessary
• Experience in project oversight & delivering information / IT security projects

Package

This role will be full time Monday to Friday with a hybrid approach to working between our Durrington (Worthing) office and home.

Competitive Salary And Benefits Including
• Generous pension up to 11% company contribution
• 25 days annual leave
• Monthly car allowance
• Life assurance equal to 4x salary
• Salary sacrifice electric car scheme (after 6 months service)
• Health Cash Plan
• Full funded eye tests
• Two paid volunteering days a year
• Occupational health service
• Discounts with over 800 popular retailers
• Digital GP service
• Study support may be available for job-related qualifications
• Competitive maternity leave and flexible return to work options
• Cycle to work scheme
• Private Medical Insurance

Join our Digital Team and see how far your career could progress with a company committed to career progression, training and development opportunities, our customers and the environment.

Does this opportunity excite you but you’re not 100% sure if you meet all the requirements for the role? Or are you concerned that ‘normal’ office hours aren’t possible given your personal circumstances? Whilst we can’t accommodate every flexible working request, we’ll try to find a practical solution. So why not engage with us and find out more about this role?

If this role isn’t quite what you’re looking for but are keen to be contacted about opportunities at Southern Water, you can register your details here: Introduce Yourself (myworkdaysite.com)

Our customers are at the heart of everything we do, because delivering water for life is our core purpose. To achieve this, we need 24/7 support in place to resolve incidents quickly and efficiently. All our employees understand the importance of out-of-hours incident support – because when problems appear, fixing them is our top priority. That’s why our people join together and support when and however needed to make sure our customers get the service they deserve. Joining the Southern Water family means you’ll become part of our incident support team. During your interview, your manager will speak to you about any incident support rotas that apply to your position.

Privacy Statement

Please note: If you are an existing Southern Water employee, you will need to confirm within your application that your Manager is aware of your application.

All applicants must be eligible to live and work in the UK. You will need to provide evidence of eligibility (e.g. a passport or long birth certificate and proof of NI) and current proof of address (dated within the last 3 months), will be required as part of the recruitment process. If you do not meet these criteria, your application will not be considered.