Chief Information Security Officer
Date: 20 Nov 2024
Location: London, GB, EC4A 1AB
Company: ameygroupi
Amey is a leading provider of full life-cycle engineering, operations, and decarbonisation solutions, for transport infrastructure and complex facilities.
Working for us, you’ll be delivering sustainable infrastructure solutions that enhance life and protect our shared future.
Our people are driven by a set of strong values, based on safety, insight, and collaboration.
The Opportunity
We have a fantastic opportunity for a permanent Chief Information Security Officer to join Amey’s group functions.
As Chief Information Security Officer you will play a critical role within the organisation, tasked with safeguarding the company’s information assets and technologies. This will involve the development and maintenance of a comprehensive security strategy that aligns with Amey’s goals and objectives.
Responsible for identifying potential security threats and vulnerabilities and implementing measures to mitigate those risks. This includes sponsoring the implementation of advanced security technologies and controls, conducting regular security assessments, and ensuring that all employees are appropriately trained in security best practices.
Key responsibilities:
- Develop and deliver an information security strategy and improvement roadmap which will continuously enhance the organisation’s risk profile, aligned with strategic business objectives.
- Develop and maintain an internal common control framework for information security and data protection which addresses all regulatory and commercial requirements.
- Ensure ongoing regulatory compliance with all applicable data protection legislation and maintain a healthy relationship with regulators to avoid financial penalties and enforcement actions.
- Develop and maintain an appropriately skilled team to deliver the published information security strategy and roadmap.
- Monitor appropriate sources of threat intelligence and perform horizon scanning to identify emerging cybersecurity threats and risks associated with new technology trends. This will ensure that the organisation is protected and well positioned to take strategic advantage of innovations and future developments relevant to our sector.
- Maintain appropriate levels of employee awareness across information security and data protection. Delivering a broad compulsory training programme as well as targeted training and awareness initiatives to help reduce security risk in key areas of the business.
- Understand the business appetite for framework accreditation and proactively target increased levels of certification to align with the growing demand for information security assurance from both internal and external stakeholders (Cyber Essentials, ISO27001).
- Elevate the organisations profile and commitment to information security through continued external engagement with government, industry and client associations and committees.
- Sponsor and deliver technology and compliance initiatives aligned to agreed prioritisation.
- Contribute to the preparation of bid submissions and actively look to deliver additional value across the information security and data protection aspects which could improve submission scoring.
- Contribute to the scoping and delivery of broader projects which might be managed by other teams, but which may have a dependency on information security.
- Maintain strategic relationships with partners and suppliers that support the information security programme, strategy and key initiatives.
- Mentor and support the information security team, providing development and growth opportunities that will enhance the capabilities of the department and build trust with stakeholders.
What you will bring to us:
- Degree in either Computer Science, Information Security, Law or Privacy
- Professional qualifications and industry experience in Information Security / Cyber, such as CISM, CISSP and CISA are highly desirable
- Knowledge of current information security related standards or regulations such as ISO27001, Cyber Essentials Plus, GDPR, PCI-DSS, NIST and how to apply for Amey
- Deep and ever evolving experience in Cyber and Information Security
- Real world experience of cyber-attack and recovery ideally in a leadership role
- General IT qualifications for breadth of experience
- People Management knowledge to effectively manage teams
- Financial knowledge to manage a cost centre
- Security accredited to SC level will be required within 6 months
What we can offer you:
At Amey, we recognise that our biggest asset is our people. That is why when you join us, we offer flexibility, career development, a choice of benefits and support that help you through all life’s ups and downs. It’s the reason why Investors in People put us among the top 1% of employers.
Work-life Balance –
Work-life balance and flexibility are key for our success. We empower our people to make choices that are right for them, with hybrid, part-time and flexible work patterns. And with a network of offices across the UK, we are open to discussing working options that suit you.
Wellbeing –
Health cash plan, 24 GP, support and assistance programmes, wellbeing ambassadors and Wellbeing Wednesday, dental vouchers
EDI-
At Amey we celebrate our people and all that they are. This is reflected in our Affinity Group networks, providing a community of support and connection, a safe space to share experiences, learn from one another and generate ideas – Women @ Amey, Neurodiversity, Armed Forces, Multicultural Network, Pride, Diversability and Parents & Carers.
Social Value –
You’ll get 2 Community Involvement Days each year to volunteer for a charity of your choice and further opportunities to support fundraising initiatives.
Plus, a range of other great perks and benefits including:
- Pension – Generous Pension scheme which we will contribute to
- Holidays - Minimum 25 days holiday + Bank Holidays
- Bonus – up to 20% of base salary
- Car / Car allowance
- Life assurance – 4 x base salary
- Healthcare – private family cover via BUPA
- Choices - Our flexible benefits scheme is tailored by you, including buying additional annual leave, cycle2work scheme, charity giving and gym membership.
- Save with Amey - Our online voucher portal gives you access to thousands of discounts from leading retailers to help you save on shopping, days out, or nights in.
Application Guidance
Amey is committed to Inclusion and Diversity. We welcome applications from all suitably qualified candidates, regardless of their race, gender, disability, religion/belief, sexual orientation, or age. We are also committed to offering applicants with a disability an interview if they meet the minimum requirements for the role.
Please contact our recruitment team at peopleservices@amey.co.uk to discuss any access needs, reasonable adjustments or additional application support that may be required at any point during the recruitment process.