top of page

Cyber Security Manager

£66,156 - £68,439 per annum

Directorate: Resources

Grade: LBR 18

Department: IT

Hours/weeks: 36 hours/52.14 weeks

Team: Infrastructure

Base/location: Lynton House

Reports to: Head of IT Infrastructure

Responsible for:

Line Management of Cyber Security Analyst directly, but organises responses across the Council for Cyber Security

Working Pattern and travel:

Monday – Friday 36 hours per week between 8 am and 6 pm.

Out of ours / weekend working may occasionally be needed.

Must be willing to be contacted out of hours in an emergency.

Special Factors or Constraints:

The post holder may have access to confidential information regarding the behaviour of members and staff.  They must be willing to maintain absolute discretion in the use of this information.

Role and context

The Cyber Security Manager is responsible for protecting Redbridge Council networks and data against threats, such as security breaches, computer viruses or attacks by cyber-criminals. These intrusions can disrupt the Councils’ information technology systems or lead to a loss of confidential information. When that happens, the Councils can lose revenue, may face fines from regulatory agencies for failing to protect data and unable to provide services to residents.

The role of the Cyber Security Manager is to lead and manage IT cyber security risks and to act as the responsible officer for IT cyber risk management and responding to audits. The Cyber Security Manager will need to lead and provide expert advice on the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability, and relevant compliance of information systems. The Cyber Security Manager should inspire creativity and flexibility in the management and application of information management and IT, supporting the Council’s ambitions to be a more agile and flexible organisation with respect to workforce management. The Cyber Security Manager should provide effective management that will contribute to the continuous improvement of the Councils security posture, actively contributing to council-wide and departmental initiatives to meet corporate objectives and user needs.

Key accountabilities and result areas

Strategy and Planning:

SFIA Business risk management: Level 6

SFIA Emerging technology monitoring: Level 5

  • Maintains deep, current knowledge of IT Cyber security developments and technologies which may be relevant to LBR.

  • Leads, promotes, and assists in the implementation, where practicable, of procedures designed to attain compliance of the ISO27001 (BS7799), ISO20000 (ITIL) and other relevant IT standards. This will involve establishing security processes that can ensure compliance and accreditation with IT Cyber security best practice.

  • Plans how the council will manage IT Cyber security audit and assessment processes and ensures their timely completion.

  • Plans how the council will respond to IT Cyber security incidents when they occur, and ensures that those plans are tested, communicated and effective.

  • Reviews IT development and project plans and advises on their Cyber Security implications.

Operations and Support

SFIA Security operations: Level 6

SFIA Digital forensics: Level 6

SFIA Incident management: Level 5

  • Reviews all proposed changes in the IT environment and assesses and advises IT management on their security implications, including those where no security risk is assumed or imminent.

  • Analyses the cause and nature of IT Cyber Security incidents and proposes means of resolving them.

  • Documents all IT security incidents fully, to ensure full accountability for events and the opportunity for the council to learn from experience.

  • Takes the initiative in identifying potential security risks which may impact on the IT environment or on the ability of the council to carry out its functions, acts on these and reports them to interested stakeholders. This may include IT security events happening entirely outside the council’s environment.

  • Approaches problems in a methodical manner, assessing the information and applying knowledge to achieve a resolution. Consults others as appropriate, respecting the expertise of colleagues and learning from them.

  • Monitors the IT environment continuously, using a variety of reporting and monitoring tools, looking for significant variances in what is recognised as normal.

  • Provides objective and unbiased information on security issues and incidents, including information which may be confidential and may form part of investigations into the actions of colleagues.

Systems and Process Development and Improvement

SFIA Penetration testing: Level 5

  • Help develop and improve processes to provide better or more efficient services and use of resources.

  • Takes ownership of IT security documentation, policies, procedures, and knowledge base and maintains this in the light of internal and external developments and learning.

  • Contributes to service improvement plans and projects.

  • Maintain up to date information on all service and change requests and actions taken to resolve them.

  • Creates training and information materials for LBR staff to ensure their awareness of IT security issues and responsibilities. Contributes to training programmes in which IT security is a relevant part.

  • Continually promotes security awareness among staff and compliance with security policies.

  • Plans and drives penetration testing within a defined area of business activity.

  • Delivers objective insights into the existence of vulnerabilities, the effectiveness of defences and mitigating controls.

  • Takes responsibility for the integrity of testing activities and coordinates the execution of these activities. Provides authoritative advice and guidance on all aspects of penetration testing.

  • Identifies needs and implements new approaches for penetration testing. Contributes to security testing standards.

Communication Partnership

SFIA Specialist advice: Level 6

  • Builds close and supportive working relationships with IT colleagues, internal customers, and suppliers to be able to represent the IT Cybersecurity function with authority and inspire confidence in those they interact with.

  • Participates in external meetings and working groups to promote IT security across the public sector.

  • Provides organisational leadership and guidelines to promote the development and exploitation of specialist knowledge in the organisation.

  • Maintains a network of recognised experts (inside and/or outside the organisation) who can deliver expert advice in relevant areas.

  • Provides input into professional development planning across a significant part of the organisation to further the development of appropriate expertise.

  • Support the council Information Governance officers such as the SIRO and DPO with matters of Information Security.

Performance and Standards

SFIA Methods and Tools: Level 5

SFIA Information Security: Level 5

 

  • Ensure PSN, HSCN, GDPR and other standards are adhered to and maintained, including participation in any remediation to meet certification.

  • Ensure SLAs are met or exceeded, revising these when appropriate.

  • Ensure that Recovery Runbooks and processes are thoroughly and promptly documented.

  • Make monitoring data available to facilitate awareness of problems, performance, and trends in the Cyber Security realm, compared with benchmark normal performance standards.

Key performance outcomes:

  • Define and elaborate the Cyber Security strategy in support of the IT and Councils objectives, plans and direction enduring that updates are made to leverage new technology and threat information.

  • Maintaining continuous security of the IT environment.

  • To review and approve security policies and lead on cyber incident response planning.

  • Lead and responsible for the inputting at a strategic and technical level into the cyber security programme.

Resource Management

SFIA Performance Management: Level 4

  • Supervise a single technical member of staff, ensuring they are fully utilised in addressing council or departmental priorities, proving them with opportunities to develop professionally and in their understanding of council priorities and services.

  • Advise where skills shortages exist within the team.

  • Running working groups for remediation of vulnerabilities across the IT Areas

Corporate Accountabilities

All employees of the Council should undertake and conduct their work with due regard to the corporate accountabilities (available on the Redbridge Council website). These include responsibilities for outcomes regarding equality, conduct, health & safety, data protection, safeguarding and customer care.

Flexibility

The key responsibilities and duties of the role are neither exclusive nor exhaustive.  All workers are expected to operate flexibly to support delivery of services and from time to time will be required to undertake responsibilities outside the normal remit of role description as required by the line manager, which are broadly commensurate with the job level and scope of competence.

Person specification

Key

Method of candidate assessment

A = Application form

I = Interview

T = Test

Statutory or mandatory qualifications

  • CISMP, CISSP or SSCP with equivalent demonstrable experience at a management level.

Educational ability

  • BSc in relevant discipline, or equivalent industry experience. (A)

Key subject or content areas

  • Expert in corporate, industry and professional standards, policies, regulations, compliance, and codes of conduct associated with the role. (A)

  • Expert in methods and techniques for risk management, business impact analysis, countermeasures and contingency arrangements relating to the serious disruption of IT services. (A)

Knowledge / experience

  • Experience of using relevant monitoring and configuration management software including (A, I)

    • Microsoft 365 

    • SIEM’s 

  • Advanced understanding of data protection practice and GDPR. (A, I)

  • Technologies to protect Network, Server, and Endpoint devices. (A, I)

  • Demonstrable high-level strategic thinking and planning skills. (I)

  • Experience of developing contingences and recognising patterns and trends in a wide range of evidence / data and drawing key conclusions, outlining costs, benefits, risks, and potential responses. (A, I)

  • Able to influence customer expectations and their use of IT systems. (A, I)

  • Gains co-operation of colleagues from other teams in delivery of services and acceptance of security standards. (A, I)

  • A good team worker and able to establish rapport quickly with customers, colleagues, and partners. Builds confident and effective working relationships at all levels. (I)

  • Able to prioritise work and allocate resources considering all factors with minimal supervision. Balances competing activities against deadlines, manage workload and immediate customer needs. (I)

  • A proven track record of setting direction for the enterprise level security strategy and business solutions for high-risk, high-profile systems. (I)

  • Corporate business continuity planning (A)

  • Cyber security, risks, responses, controls, and mitigations. (A)

Corporate behaviours

The Council has a set of behaviours that all employees are expected to deliver in the performance of their role. The behaviour framework can be found on the Councils internet page, and these should be reflected in your application and the way you work.  As part of an individual’s personal development Redbridge expects employees of all levels to be continuously developing these core behaviours.

Effective and collaborative team working

  • To take responsibility for personal development and actively participate in all learning and development. (A, I)

  • A proven track record of setting direction for the enterprise level security strategy and business solutions for high-risk, high-profile systems. (A, I)

bottom of page