Corporate Security Manager

  • Management
  • London

6-month FTC – could become permanent Ofcom Ofcom is the regulator for the communications services that we use and rely on each day. We make sure people get the best from their broadband, home phone and mobile services, as well as keeping an eye on TV and radio. We also oversee the universal postal service, look after the airwaves used by wireless devices, and also help to make sure people don’t get scammed and are protected from bad practices. We have recently taken on the regulation of video-sharing platforms, and we are preparing for a role in protecting people from online harms.

Protecting consumers is at the heart of what we do. Our culture is clear – we live by our values: Empowerment; Excellence; Collaboration; and Agility. These define how we work to deliver our purpose, now and in the future. The behaviours which support these values set the path for a fully inclusive and innovative culture at Ofcom.

We focus not only on what we do, but how we do it. We pride ourselves on being an organisation of people who genuinely care about helping others. Purpose of the role You will work closely with the management teams of all Ofcom Groups to support the development and management of their security objectives. You will establish yourself as a subject matter expert within Ofcom, providing specialist, professional advice on security issues to stakeholders, becoming a valued and trusted partner.

Key responsibilities The position will be responsible for maintaining an ISO 27001 compliant Information Security Management System (ISMS) Partner with key stakeholders to determine specific needs in relation to information, cyber and physical security and to recommend solutions and lead on their implementation Formalise and oversee the approach for assessing and managing corporate security risks within Ofcom’s wider risk management framework. Maintain an information security risk register. Complete corporate security risk assessments for new/existing projects/processes. Ensure the organisation follows good practice and meets legislative and regulatory requirements.

Develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed. Promote security awareness by developing and implementing awareness and training programme. Develop and report on metrics to the Security Committee, Operations Board and the Risk & Audit Committee. Investigate breaches of information security as appropriate, making recommendations for improvement and prevention of future breaches, with the data team.

Key skills required: Expertise and practical experience in one or all corporate security disciplines -cyber, information, physical and personal. The ability to work with senior executives across the business to achieve effective corporate security throughout Ofcom The ability to spot security threats to achieving Ofcom’s objectives, and how to protect Ofcom from those threats Demonstrated experience in handling a variety of stakeholders in a multi-site organisation Strong project management skills, including the ability to manage a varied and demanding workload and to prioritise effectively in an agile manner, being flexible and adaptable to changing or ambiguous circumstances A demonstrated ability to communicate clearly, concisely and confidently to a variety of audiences, both orally and in written form The ability to work independently, seeking guidance whenever it is needed, as well as to work collaboratively within a team. Qualifications Preferably educated to degree level (or equivalent) or with substantial relevant security expertise in Cyber, Information, Physical and Personal security. Relevant industry security accreditation (e.

g. CCP, CISSP, CISA, CISM or ISO27001 Lead Implementer/Auditor).

Tagged as: Reed Sec. Mgr.


Before applying for this position you need to submit your online resume. Click the button below to continue.