Head of Information Security

From 5th April 2022, you can find your dream job among our vacancies provided by the Maritime and Coastguard Agency. For example, you can find a job located in Hampshire, Southampton, United Kingdom, in the functional area I.T. & Communications, for the position Head of Information Security.

The salary offered for this permanent job is from 60135 GBP annually.

Description Vacancy

Job position: Head of Information Security
Functional area: I.T. & Communications
Employment type: Permanent
Start date: Tue, 29 Mar 2022 18:20:00 GMT
11140 (WorkingWise.co.uk)
Salary: 60135 to 67939 GBP

Job description

About the job


We welcome applications from all communities, and we don't discriminate against any identity. We're interested to hear from you, regardless of your background.

Are you looking for your next career step in IT?

Who Are We?

The Maritime and Coastguard Agency (MCA) is an Executive Agency of the Department for Transport (DfT). We provide a 24-hour maritime and coastal search and rescue emergency coordination and response service for the United Kingdom. We produce legislation and guidance and provide certification to ships and seafarers. Through our survey and inspection regime, we enforce standards for ship safety, security, pollution prevention and seafarer health, safety and welfare. We promote maritime standards, encourage economic growth and minimise the maritime sector's environmental impact.

The Opportunity

An opportunity has arisen for a new role as the Head of Information Security. Acting as the domain authority, this role will enable the Agency to develop and build the right capability to provide assurance that the information assets and associated technology are adequately protected to support lines of business.

In this newly formed and exciting role, the Head of Information Security will have delegated authority for the direction, oversight, prioritisation and implementation of Information and Cyber Security management in the MCA.

This role will also be responsible for providing assurance to the business and its wider stakeholders as to the level of compliance to applicable legislation, regulation, and standards.

This is a permanent opportunity, and the position is headquartered in Southampton, although hybrid working will be possible during part of the working week.

Job description

The HoIS will be responsible for identifying, evaluating and reporting on legal and regulatory, IT and cybersecurity risk to information assets, and for developing the Information Security Team into an impactful team that supports and advances business objectives. The HoIS should understand and articulate the impact of all facets of security, including cyber, on business activity and be able to communicate this to the board of directors and other senior stakeholders.

The role ensures that MCA security plans, policies and practices reflect the changing threat and business environment in a proportionate and pragmatic way, reflecting established corporate risk tolerances, and working with the wider governance community across government, the DfT and MCA to align the MCA Security response with, or improve on, published requirements and governance processes.

The HoIS will be the focal point for liaison with key stakeholders across the business and externally, including Information Asset Owners, DfT (Cyber and Physical Security leads), Government Security Group and the Government Security Centre of Excellence programme, as well as working with private sector specialists and service providers. The role will ensure that Information and Cyber Security controls are well balanced and are able to protect against, detect, respond to, and recover from threats in an effective and timely manner.


Responsibilities include but are not limited to:

Establish and Build Knowledge

• Developing and building an information and cyber security function.
• Hold responsibility and accountability for the application of security measures as laid down in HMG Security Policy Framework (SPF) and National Cyber Security Centre (NCSC) guidance to meet or exceed the minimum Cyber Security Standard for government bodies.
• Developing a programme of work to meet the appropriate controls across the corporate and Blue Light networks.
• Providing assurance on compliance and continual improvement.
• Creating and running a targeted information security awareness program for all employees, contractors and approved system users, and establishing metrics to measure the effectiveness of this security training program for the different audiences.

Steer the Organisation

• Guiding the Information and Cyber Security function across the MCA to ensure consistent and high-quality information security management in support of the business goals.
• Ensuring that the business has sufficient transparency, direction and priority to be able to deliver on their mission while maintaining and enhancing information and cyber security.
• Providing effective leadership to the information and cyber security team.
• Engaging with the whole organisation, translating industry knowledge and technical information into secure, informed processes that are in line with government security standards for information and cyber security, and that enable innovation and competitive advantage in commercial tenders.

Develop the Frameworks

• Developing and maintaining the Information Security Management System, to ensure it provides continuously up-to-date information security policies, standards and guidelines.
• Lead all aspects of the approval and publication of these information security policies and practices.
• Maintaining the framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
• Working effectively with business units to facilitate information security risk assessment and risk management processes.
• Facilitating a metrics and reporting framework to measure the efficiency and effectiveness of the program.


• Developing an information security vision and strategy that is aligned to the Agency's priorities.
• Developing, implementing and monitoring a strategic, comprehensive information security program.
• Influencing the Board and Executive leadership to develop and deliver against an effective Cyber security vision, culture and strategy that provides the right controls to defend the business but retains the agility to build an organisation that is pioneering, market leading and innovative.
• Challenging existing practices and controls to drive the continual improvement of information and cyber security and safety, so that they are the right fit for the Agency.

About You

The Head of Information Security must be knowledgeable about both internal and external business environments.

Furthermore, we are looking for an experienced individual who shares our passion for what we do in supporting safer lives, safer ships, and cleaner seas. Our vision is to be the best maritime safety organisation in the world.

Find out more about what it's like working at the Department for Transport.

Security Clearance

Successful appointment will be subject to the candidate passing the appropriate security check to enable engagement with the National Technical Authority and peers across government.


We'll assess you against these behaviours during the selection process:

  • Leadership
  • Delivering at Pace
  • Seeing the Big Picture
  • Communicating and Influencing

Technical skills

We'll assess you against these technical skills during the selection process:

  • Digital, Data and Technology Profession: Design Secure Systems
  • Digital, Data and Technology Profession: Enabling and Informing Risk Based Decisions
  • Digital, Data and Technology Profession: Understanding Security Implications of Transformation


Being part of our brilliant Civil Service means you will have access to a wide range of fantastic benefits. We offer generous annual leave, attractive pension options, flexible working, inclusive working environments and much more to support a healthy work/life balance.
