Head of Information Security

From 5th January 2022, you can find your dream job in our vacancies offer provided by Maritime and Coastguard Agency Agency. For example you can find there a job from location Hampshire, Southampton, United Kingdom functional area Government & Defence, position Head of Information Security.

Salary offer for Permanent job is from 60135 GBP Annual.

Description Vacancy

Job position:
Head of Information Security
Government & Defence
Employment type:
Start date:
Thu, 30 Dec 2021 16:55:00 GMT
18890078 (WorkingMums.co.uk)
60135 to 67939 GBP

Job description

About the job


We welcome applications from all communities, and we don't discriminate against any identity. We're interested to hear from you, regardless of your background.

Are you looking for your next career step in IT?

The Maritime and Coastguard Agency (MCA) implements the government's maritime safety policy in the United Kingdom and works to prevent the loss of life and occurrence of pollution on the coast and at sea.

The opportunity has arisen for a new role as the Head of Information Security (HoIS), to enable the Agency, as the Domain Authority, to develop and build the right capability for the Agency, to provide assurance that the information assets, associated technology, applications, systems, infrastructure and processes are adequately protected to support lines of business.

The HoIS will have delegated authority for the direction, oversight, prioritisation and implementation of Information and Cyber Security management in the MCA.

This role will also be responsible for providing assurance to the business and its wider stakeholders as to the level of compliance to applicable legislation, regulation and standards.

This is a permanent opportunity and the headquarters for the position is based in Southampton.

Job description

The HoIS will be responsible for identifying, evaluating and reporting on legally and regulatory, IT and cybersecurity risk to information assets, developing the Information Security Team into an impactful Team supporting and advancing business objectives. The HoIS should understand and articulate the impact of all facets of security including cyber on business activity and be able to communicate this to the board of directors and other senior stakeholders.

The role ensures that MCA security plans, policies and practices reflect the changing threat and business environment in a proportionate and pragmatic way, reflecting established corporate risk tolerances, and working with the wider governance community across government, the DfT and MCA to align the MCA Security response with, or improve on published requirements and governance processes.

The HoIS will be the focal point for liaison with key stakeholders across the business and externally, including Information Asset Owners, DfT (Cyber and Physical Security leads), Government Security Group and the Government Security Centre of Excellence programme, as wells as working with private sector specialists and service providers. The role will ensure that information and Cyber Security controls are well balanced, are able to protect, detect, respond, and recover to threats in an effective and timely manner.


Responsibilities include but are not limited to:

Establish and Build Knowledge

• Developing and building an information and cyber security function.
• Hold responsibility and accountability for the application of security measures as laid down in HMG Security Policy Framework (SPF) and National Cyber Security Centre (NCSC) guidance to meet or exceed the minimum Cyber Security Standard for government bodies.
• Developing a programme of work to meet the appropriate controls across the corporate and Blue Light networks.
• Providing assurance on compliance and continual improvement.
• Creating and running a targeted information security awareness program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.

Steer the Organisation

• Guiding the Information and Cyber Security function across the MCA to ensure consistent and high-quality information security management in support of the business goals.
• Ensuring that the business has sufficient transparency, direction and priority to be able to deliver on their mission while maintaining and enhancing information and cyber security.
• Providing effective leadership to the Information and cyber security team.
• Engaging with the whole organisation, translating industry knowledge and technical information into secure, informed processes that is in line with government security standards for information and cyber security, and enable innovation and competitive advantage in commercial tenders.

Develop the Frameworks

• Developing and maintaining the Information Security Management System, to ensure it provides continuously up-to-date information security policies, standards and guidelines.
• Lead all aspects of the approval and publication of these information security policies and practices.
• Maintaining the framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
• Working effectively with business units to facilitate information security risk assessment and risk management processes.
• Facilitating a metrics and reporting framework to measure the efficiency and effectiveness of the program.


• Developing an information security vision and strategy that is aligned to Agency's priorities.
• Developing, implementing and monitoring a strategic, comprehensive information security program.
• Influencing the Board and Executive leadership to develop and deliver against an effective Cyber security vision, culture and strategy that provides the right controls to defend the business but retains the agility to build an organisation that is pioneering, market leading and innovative.
• Challenging existing practices and controls to drive the continual improvement of information and cyber security and safety, so that are the right fit for the Agency.

About You

The HoIS must be knowledgeable about both internal and external business environments.

The Maritime and Coastguard Agency (MCA) implements the government's maritime safety policy in the United Kingdom and works to prevent the loss of life and occurrence of pollution on the coast and at sea.

Safer lives, Safer ships, Cleaner seas.

Our vision is to be the best maritime safety organisation in the world.


We'll assess you against these behaviours during the selection process:

  • Changing and Improving
  • Working Together
  • Delivering at Pace
  • Communicating and Influencing
  • Seeing the Big Picture
  • Leadership

Technical skills

We'll assess you against these technical skills during the selection process:

  • Digital, Data and Technology Profession: Analysis
  • Digital, Data and Technology Profession: Communication Skills (Security Architect)
  • Digital, Data and Technology Profession: Design Secure Systems
  • Digital, Data and Technology Profession: Enabling and Informing Risk Based Decisions
  • Digital, Data and Technology Profession: Specific Security Technology and Understanding
  • Digital, Data and Technology Profession: Research and Innovation
  • Digital, Data and Technology Profession: Understanding Security Implications of Transformation


Being part of our brilliant Civil Service means you will have access to a wide range of fantastic benefits. We offer generous annual leave, attractive pension options, flexible working, inclusive working environments and much more to support a healthy work/life balance.

© 2022 Job vacancies Southampton, Hampshire