At a Glance
- Tasks: Lead business continuity and cyber resilience strategies to safeguard critical services.
- Company: Join a high-profile organisation focused on government security and resilience.
- Benefits: Competitive daily rate, remote work flexibility, and potential contract extension.
- Other info: Work with senior leaders and drive continuous improvement in a dynamic environment.
- Why this job: Make a real impact in crisis management and strengthen national security.
- Qualifications: Proven experience in business continuity and cyber incident management required.
Location: either London, Scotland or Wales - 4 days per week remote, 1 day per week in the office
Rate: £800 per day inside IR35
Contract Duration: 6 months with potential to extend
About the Role
Are you a strategic leader capable of steering an organisation through its most challenging moments? As the Head of Business Continuity and Cyber Resilience, you will lead our capability across the entire Business Continuity Management and Cyber Incident Lifecycles. This is a high-profile role where you will design, implement, and embed robust policies, strategies, and readiness programmes to safeguard our critical regulatory services. From shaping strategic response mechanisms to navigating complex cyber threats, you will provide the "helicopter view" and senior leadership necessary to strengthen our preparedness, response, and recovery arrangements across DDSS and wider business teams.
Key Responsibilities
- Strategic Leadership: Champion business continuity and cyber resilience across the organisation and wider government, driving a culture of continuous improvement and lessons learned.
- Team & Standards Management: Lead a team of resilience specialists to ensure full compliance and delivery against CAF, DHSC, ISO22301, and ISO27031 standards.
- Exercise & Training Delivery: Design and execute major/minor cyber exercise programmes, crisis simulations, and technical recovery walkthroughs alongside training and awareness campaigns.
- Incident & Threat Analysis: Lead the delivery of incident management policies, investigate the source and nature of breaches to support threat intelligence, and manage the rapid, accurate sharing of critical information.
- Stakeholder Coordination: Act as an "intelligent customer" for business units, keeping senior stakeholders and Executive Directors informed with strategic risk insights.
Key Outputs and Deliverables
- Deliver and maintain the organisational Business Impact Analysis (BIA), dependency map, and criticality register.
- Maintain all business continuity, recovery, and cyber incident response plans in alignment with NCSC and ISO frameworks (ensuring compliance with RPO/RTO/MTPD thresholds).
- Produce regular, data-driven Board dashboards providing insight into our resilience posture, risk, and maturity.
- Provide expert assurance and resilience input into major corporate programmes, system changes, and supplier engagements.
- Lead the function through CAF submissions, remediation activities, and the roadmap to formal ISO22301/27031 compliance.
Key Stakeholder Relationships
- Internal: Executive and Deputy Directors; DDSS leadership, Cyber Security, and DPO teams; Tech Operations, Engineering, and Service Management; Corporate Service Owners.
- External: NCSC CIR providers and cyber incident partners; third-party technology suppliers; cross-government resilience and BCM communities; sector regulators.
Role Criteria
Essential Experience & Qualifications
- Resilience Expertise: Proven experience delivering robust business continuity, organizational resilience, or cyber incident management at scale.
- Senior Stakeholder Engagement: Demonstrated experience influencing senior leaders and driving complex organizational planning.
- Cyber Security & Risk: Strong background in Cyber Security and Risk Management with a distinct focus on organizational resilience.
- Command Structure Experience: Practical experience designing or participating in exercises at Bronze, Silver, and Gold command levels.
- Professional Certifications: Must hold a CISM certification alongside AMBCI/MBCI/DBCI accreditation.
Desirable
- Experience working within highly regulated or central government environments.
- Experience designing and delivering cross-organisational training and awareness campaigns.
How to Apply
If you are ready to bring your expert threat understanding and crisis management leadership to a vital public function, please submit your CV and a supporting statement outlining how you meet the criteria above.
Head of Business Continuity and Cyber Resilience - SC Cleared in London employer: Code IT Recruitment Ltd
As a leading organisation in the realm of business continuity and cyber resilience, we pride ourselves on fostering a dynamic work culture that prioritises employee growth and development. With flexible working arrangements allowing for four days remote and one day in the office, our team enjoys a healthy work-life balance while engaging in meaningful projects that safeguard critical services across government. Join us to be part of a collaborative environment where your expertise will directly contribute to enhancing national security and resilience.
StudySmarter Expert Advice🤫
We think this is how you could land Head of Business Continuity and Cyber Resilience - SC Cleared in London
✨Get Active on Cybersecurity Forums
Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.
✨Show Off Your Skills with Public Projects
Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.
✨Attend Local Conferences and Meetups
Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!
✨Market Yourself Smartly
Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!
We think you need these skills to ace Head of Business Continuity and Cyber Resilience - SC Cleared in London
Some tips for your application 🫡
Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help Code IT Recruitment Ltd understand what you're capable of.
Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!
Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.
Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at Code IT Recruitment Ltd.
How to prepare for a job interview at Code IT Recruitment Ltd
✨Showcase Your Cybersecurity Skills
As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.
✨Prepare Your Portfolio
Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.
✨Stay Updated on Trends and Tools
Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.
✨Pitching Your Value as a Freelancer
When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help Code IT Recruitment Ltd protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.
