Chief Information Security Officer

DSIT • Full-time • Cardiff • £76k - £117.80k / year • 19h ago

Job summary

The Department for Business and Trade's Digital, Data & Technology directorate are 550 colleagues committed to delivering a wide array of high quality services, tools and capabilities to support the department's objectives. As we mature after a period of rapid growth, this is an exciting opportunity to shape the evolution of our Cyber-Security team as the first CISO in the department. You will play a key role in protecting critical national infrastructure that is essential to ensuring goods cross our borders and businesses flourish.

You will join a kind and supportive culture that works in a matrix model aligned to the Government Digital Service's capability framework. The Cyber team are key to our work whether it is building, buying or delivering digital, data and technology services.

Job description

The Chief Information Security officer creates an environment and culture in the department that ensures the security of its information and technology. They enable the department to achieve its objectives and deliver services in a safe and secure way.

The Chief Information Security officer role is part of both the Government Digital and Data profession and the Government Security profession.

In this role, you will:

Create a strategy for information and cyber security that supports both the department's strategy and wider government security strategy
Lead the department in implementing the information and cyber security strategy
Evaluate the current status and maturity of information and cyber security in the department
Determine how to get to the level of information and cyber security maturity the department needs
Understand risks across the department and advise leaders on how to mitigate risks in their areas and in future plans
Enable the department to be innovative in a safe and secure way
Ensure the department is prepared for cyber attacks and can detect, respond to and recover from an attack
Ensure that information and cyber security aspects of crisis management are effective
Encourage a culture of cyber security awareness and good security practices
Implement practices to increase the maturity of information and cyber security

Person specification

You must demonstrate experience of collaborative leadership and stakeholder management and meet the following Cyber experience:

Strategic Cyber Security Planning.
Cyber Security Governance.
Cyber Risk Management.
Security Architecture.
Cyber Incident Management.

Details of the criteria listed above can be found on the Government Digital Data Profession Capability Framework.

Benefits

Alongside your salary of £76,000, Department for Business and Trade contributes £22,017 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Learning and development tailored to your role
An environment with flexible working options
A culture encouraging inclusion and diversity
A Civil Service pension with an employer contribution of 28.97%

Things you need to know

Selection process details

How to apply

Hays, an Executive Search firm, have been appointed to assist with this recruitment campaign. To apply for this post, you will need to submit documentation below via the following link, by no later than 23:55pm on Sunday 3rd August 2025.

Follow this link to apply

If you have any issues accessing the link or questions regarding the documentation, please contact:

James Walsh – james.walsh1@hays.com 07756 222394
Joel Mundy - Joel.Mundy@hays.com 07776 208055

Documentation:

A CV setting out your career history, with key responsibilities and achievements. Please ensure you have provided reasons for any gaps within the last two years.
A Supporting Statement of around two pages of A4 explaining how you meet the requirements of the person specification as far as you are able to, including your language ability for the role.

Failure to submit both documents will mean the panel only have limited information on which to assess your application against the criteria in the person specification. Please ensure that both documents contain your full name.

Please see the candidate information pack link at the bottom of the page for further information on the vacancy and the recruitment process.

Feedback will only be provided if you attend an interview or assessment.

This role has a minimum assignment duration of 3 years. An assignment duration is the period of time a Senior Civil Servant is expected to remain in the same post to enable them to deliver on the agreed key business outcomes. The assignment duration also supports your career through building your depth of expertise.

As part of accepting this role you will be agreeing to the expected assignment duration set out above. This will not result in a contractual change to your terms and conditions. Please note this is an expectation only, it is not something which is written into your terms and conditions or indeed which the employing organisation or you are bound by. It will depend on your personal circumstances at a particular time and business needs, for example, would not preclude any absence like family friendly leave. It is nonetheless an important expectation, which is why we ask you to confirm you agree to the assignment duration set out above.