Information and Cyber Security Manager

  • Job reference: 913774
  • Location: Gloucester, Gloucestershire
  • Salary: GBP50000 - GBP70000 per annum
  • Job type: Permanent
  • Sector: Nuclear
  • Date posted: 13/04/2017

Main responsibilities:

  • Develop and maintain all information Security Policies, Standards and Information Security Management System (ISMS) documentation in line with nuclear legislative compliance requirements and company best practice
  • Ensure all information risks are identified and appropriately managed in line with agreed tolerance levels, and manage Risk Management Accreditation Document Sets (RMADS) for the infrastructure
  • Provide continual information security improvements and provide monitoring to ensure that policies, procedures and controls are effective
  • Oversee the build and maintenance of technical security measures, accepting all information security controls into service when operationally ready
  • Design information Security awareness training in cooperation with other corporate teams in order to ensure all knowledge and understanding required is provided to the relevant departments and personnel
  • Support third party suppliers as required to ensure internal controls are not compromised. This may include providing delegated accreditation to agreed government standards
  • To provide the necessary support to the Procurement and Commercial teams for the development and management of classified contracts
  • To lead the resolution of Information Security incidents and then define and implement corrective actions where non-conformities have been identified
  • To develop a suitable proportionate Information Security team to meet the demands of a large scale, high profile national infrastructure project
  • Issue formal and compelling Information Security direction and advice and third party suppliers
  • Carry out Surveillance, Inspections and Audit in accordance to ensure compliance with Government Information Security standards
  • Review documents for evidence of compliance with Government standards
  • Commit financial resources within company specified limits


  • Relevant graduate degree in Risk Management, or Information Technology (or relevant experience)
  • Demonstrates a track record of success, achievement and learning in career to date, adding value within relevant positions.
  • A good understanding of the UK civil nuclear industry
  • Delivery of Information Security within large scale delivery programs and projects at a senior management level
  • Up-to-date knowledge and experience of security compliance issues and risks, working to continually improve the security posture of a large organisation
  • The conduct of risk assessments and security audits in order to achieve and maintain compliance
  • Understanding and experience of the ISO27000 standards and experience in delivering ISO27001 certification
  • SC security cleared
  • In-depth knowledge and experience of Nuclear Security regulations and standards including the HMG Security Policy Framework
  • Knowledge and experience of working with the HMG GSC
  • Confident negotiator
  • Ability to learn, adapt and thrive, delivering value in a changing and evolving organisation.
  • Demonstrates consistently high leadership standards and sets an inspiring personal example through actively demonstrating and living the Vision, Values and behaviours when they are implemented.
  • Flexibility and mobility to undertake business travel as required.


  • Membership of a relevant professional institution such as the Institute of Information Security Professionals