Head of Information and Cyber Security - Harris Federation : Job Details

The founder and sponsor of the Harris Federation, Lord Harris of Peckham, opened our first school in 1990. We have, over the past thirty years, implemented ideas and initiatives that have transformed the opportunities of pupils from working class and disadvantaged backgrounds. Harris academies are widely recognised as a force for social mobility. We are immensely proud of the role that our alumni are now beginning to play in the world and of what we believe our current generation of pupils will go on to achieve.

We now have over 50 schools educating more than 40,000 young people across London and Essex, and employ over 5,000 staff across our academies and head office. With the majority of our academies located in areas of high socioeconomic disadvantage, a high-quality education is key to the futures of the pupils we serve.

As a provider of employment and education, we value the diversity of our staff and students, and all our staff are equally valued and respected. We are committed to providing a fair, equitable and mutually supportive learning and working environment for our students and staff.

Our work will impact many generations to come, and our staff come from all backgrounds and walks of life, coming together to inspire young minds. We promote an inclusive culture that embraces the valuable and enriching contribution that all of our community make. We continue to be proactive in uplifting and supporting all voices at Harris.

To discover more about our culture, ethos and what it is like to work here, visit the Why Work For Us page.

Information & Cyber Security

• Lead the Harris Federation Cyber Security
• Collaborate with key stakeholders to define and implement an organisation wide Information and Cyber Security strategy
• Manage the day-to-day Information & Cyber security practices and processes
• Iterate and update relevant Information & Cyber security polices
• Accountable for defining the standard, and overseeing the implementation of the VM program
• Stay abreast of current future security risks and adapt mitigations and controls accordingly for Threat Intelligence & Trends.
• Co-ordinate offensive tests. Red, and purple team exercises in addition to ad-hoc tests for installed and planned systems
• Manage the Cyber Security risk register. Apply, and oversee the effectiveness of controls to reduce risks in line with tolerance.
• Provide KPIs, Metrics reporting to ensure senior colleagues are aware of key vulnerabilities and risks within the organisation.
• Coordinates Information & Cyber security escalations and breaches
• Manage the process information or cyber security breaches, ensuring integrity of systems and response and recovery is effective
• Coordinate with the Infrastructure Team, Service Delivery, technicians and data protections teams to ensure security incidents are managed in a timely and effective manner
• Lead on internal and external audits re, compliance monitoring and other review findings to determine Information Security and Cyber risk actions

Other Duties

• Work with the IT Director and leadership team colleagues to agree the yearly programme plan and agreed projects
• Act as the Security lead on business projects involving the wider IT teams
• Project Manage projects related to information or security
• Represent the Federation in cross sector meetings or industry events
• Keep abreast of new developments in software and hardware

Please download the job pack from our website for the full job description and person specification.

We would like to hear from you if you have:

• Excellent verbal and written communication and interpersonal skills;
• Confident in dealing with all levels of stakeholders from CEO down
• Strong personal drive and willingness to get things done
• Self-motivated and committed to delivery on time and to a high quality
• Demonstrable experience of balancing priorities and successful delivery of objectives, in a fast paced, constantly changing environment
• Ability to troubleshoot, investigate and resolve technical issues.
• Ability to react quickly and effectively to issues and opportunities.
• Ability to self-manage, organise, and prioritise tasks and work under pressure during troubleshooting and problem-solving
• Knowledge of IS027001, NIST, and or UK public sector cyber security frameworks
• A minimum of three years of experience in a similar role
• Proven track record in working to strict timescales and of working with staff at all levels
• Detailed knowledge of a wide range of Microsoft products
• Detailed knowledge of Microsoft Office 365, Azure and cloud environments
• Knowledge of Wide Area Networks and Local Area Networks
• Experience of Cisco Firewalls
• Detailed knowledge of different cyber technologies across Infrastructure protection & Application Security
• Experience of using Network Scanning Tools Wireshark and with the output be able to produce reports to various stakeholders identifying any software that requires patching
• Experience in a compliance environment where input remediates various IT Security related controls with the ability to audit, make recommendations and drive the remediation process
• Creation and maintaining of documentation and policies
• Extensive experience of systems architecture and security risk management

If you would like to discuss the opportunity further, or if you have any questions, please contact us via email to arrange a conversation.

Before applying please ensure you download the job pack from our careers website, this will help with completing your application. Please note that we only accept applications submitted online before the closing date.

When applying, you will have the option to import your CV or use a LinkedIn profile which will auto populate the online application.