Head of Risk, Information, Security and Compliance

You will be working closely with the Executive team and our Chief Executive Officer (Senior Information Risk Owner) with the responsibility and accountability for leading an expert team to ensure UKSBS (people, systems, information and premises) have robust, proportionate and cost-effective:

• Information Security.
• Incident Management, Business Continuity and Disaster Recovery.
• Information Management and Data Protection.
• Risk Management, Internal Controls and Audit Programme coordination.
• Counter Fraud, including legal requirements under the Bribery Act.

You will also act as the Departmental Security Advisor.

Flexibility may be required to respond to the changing needs of the organisation and the service. You may also be asked to undertake ad hoc activities in support of the Chief Executive Officer and other Executives.

Responsibilities will include:

• Work closely across the Executive and Senior Leadership Group to ensure alignment of RISC objectives with the UKSBS business plan and operational plan.
• Performance lead and develop the Risk, Information, Security and Compliance (RISC) team, ensuring that members have appropriate business exposure, are professionally competent and highly motivated.
• Has accountability for ensuring the team operates to budget.
• Provide coaching and mentoring support to management colleagues across the business.
• Represent the Risk, Information, Security and Compliance (RISC) function, as required, at the UKSBS Committees.
• Represent UKSBS, as required, at the UKSBS Audit Committee and key partnership/client meetings.
• Ensure UKSBS has a positive working relationship with GIAA.
• Maintain a strong network of Risk, Information, Security and Compliance (RISC) contacts across Government, the public sector and wider business.
• Provide strategic, tactical, and operational advice to Executive and Senior Management.
• Design and deliver an appropriate suite of Risk, Information, Security and Compliance (RISC) strategies, policies and processes, maintaining legal compliance and alignment with HM government best practices.
• Drive cultural alignment to agreed policies across the organisation.
• Gain agreement from Executive and Audit Committees to an annual Risk, Information, Security and Compliance (RISC) delivery plan.
• Act as the Security Advisor, coordinating the company response to security-related matters, including assessing and making judgements in relation to risk on behalf of the SIRO and Executive.
• Providing senior level guidance and support to the Information Manager and Data Protection Officer, Senior Information Security Manager, Information Security Manager and Risk and Assurance Manager ensuring coordination that supports delivery by Digital and Information, Operations, and Partnerships and Change.
• Ensure delivery of the UKSBS annual audit plan as agreed by the Audit Committee.
• Support and report progress to close reported audit findings.
• Oversee the development and testing of business continuity and resilience plans.
• Act as the professional adviser to Gold and Silver command in the event of a business continuity incident
• Ensure UKSBS' cyber security is maintained
• Ensure planning, delivery and reporting of an annual cycle of mandatory Risk, Information, Security and Compliance (RISC) training.
• Oversee the quality and timeliness of reporting, papers and reports for formal meetings and supporting communications material.
• Identify opportunities for control enhancements, service/quality improvements and operational efficiency.
• Act as Programme Lead / SRO for activities, as required, ensuring appropriate governance is maintained and dependencies to other programmes are addressed.
• Act as Project Manager for key projects when necessary.
• Identify, monitor and report business case benefits, and evidence success.