Role: Head, IT Secuirty, Risk and Compliance
Client: The British Council
Department: Global Business Services
Reporting to: Director, Global Business Services
Location: British Council Offices, Spring Gardens, London SW1A
Remuneration: Attractive salary and 'family friendly' benefits package
Purpose of job:
To help ensure the delivery of a technology landscape that supports business goals and objectives whilst minimising exposure to risk in areas of technology security and related legal and regulatory compliance. Leading a team of IT secruity specialists, and working closely with teams responsible for information management, this role needs to objectively assess the Council's information systems, develop appropriate policies, processes, procedures and standards, recommend improvements in security and controls, monitor compliance with standards, both internal and external, and track any remedial actions through to completion, providing assurance to the British Council's Board. In addition, this role will lead the technical response to security or other critical incidents, provide adisory and consulting services as needed to the business, and accept ad hoc assignments as the needs dictates.
The post holder will win the confidence of senior business leaders whilst providing thought leadership in this area.
Context and environment:
The security team has a key role in supporting the British Council in the management of security, risk and compliance whilst facilitating the achievement of business objectives. The composition and responsibilities of the security team are currently under review but are expected to grow as techology offerings become increasingly important to the business delivery. In this role, the post holder will have responsibility for the management of a team responsible for addressing the IT security, risk and compliance needs of the organisation. In addition to independent and team assignments and responsibilities, the post holder will be engaged with relevant members of the global team in support of their activities, particularly in areas of technology policies, processes, procedures, standards, risk management and controls.
Areas of particular challenge on the BC horizon include BYOD, technical protection for the valuable IP, the new HMG information protection (protective marking) regime, Cloud based infrastructure and services, and sharing common IT platforms with business partners.