Cyber Resilience & INFOSEC Assurance Lead

Full-Time | £60,000 - £75,000 / year (est.) | Home office (partial)
London Gov

At a Glance

  • Tasks: Lead cyber security initiatives and enhance the organisation's resilience against cyber threats.
  • Company: Join the Greater London Authority, a diverse and inclusive employer.
  • Benefits: Enjoy competitive salary, 30 days leave, and interest-free loans for travel and bikes.
  • Other info: Flexible working options and commitment to diversity and inclusion.
  • Why this job: Make a real impact on London's cyber security landscape while developing your career.
  • Qualifications: Experience in cyber security management and strong communication skills required.

The predicted salary is between £60,000 and £75,000 per year.

Contract details: Based at City Hall, Unions Street and flexi home. Minimum 3 days on site, or at the Palestra office (Southwark) where TfL Cyber Security is based, due to the nature of the role and involvement in emergency response.

The Resources and Business Improvement Directorate is responsible for People Function, Facilities Management, Digital Experience Unit and Technology Group, Information Governance, Executive Support Team and leadership of all shared services across the GLA Group.

About the team: This is a new role that forms part of a new structure at the GLA. It reports into the Director of Live Service and will initially be part of a service team of three.

About the role: Act as the strategic owner and senior security authority SME for the GLA’s cyber security, information assurance and shared ICT services security posture. The role will address increasing cyber risk, assurance expectations, regulatory obligations and the operational realities of a shared service model with Transport for London (TfL). It provides sustained leadership, assurance and subject‑matter expertise beyond purely technical cyber functions, embedding cyber resilience, education and risk awareness across the organisation.

What your day will look like:

  • Review any security incidents reported and respond accordingly
  • Deliver updates to the SLT on weekly and monthly dashboards reporting on tactical and strategic issues and opportunities
  • Respond to any requests to work abroad
  • Provide input into any project requests that impact the cyber stance
  • Review and update policy following NCSC or other guidance
  • Create and deliver proactive training updates via webinar, lunch and learn, core brief, media and communications

Skills, knowledge and experience:

  • Strong experience in cyber security management within a complex or shared‑service environment
  • Demonstrable understanding of NCSC principles, ISO 27001 and public‑sector security frameworks
  • Experience managing suppliers and outsourced security services
  • Ability to translate technical risks into business‑focused advice
  • Strong communication and stakeholder‑management skills
  • Creation and delivery of security and cyber strategies and operational assurance plans

Essential criteria:

  • CISM (Certified Information Security Manager)
  • CISSP (Security & governance domains)
  • Knowledge of SIEM/SOC environments
  • Threat detection and vulnerability management
  • Business continuity / disaster recovery
  • Exposure to smart city / data‑sharing ecosystems
  • Regulatory experience: UK GDPR and public sector frameworks
  • Technical grounding: architecture and cloud security awareness
  • Leading & Influencing (communication, stakeholders)
  • Delivering Results (execution, pragmatism)
  • Thinking & Judgement (risk, strategy, ethics)
  • Working Together (collaboration, partnerships)

Benefits:

  • Competitive salary paid every four weeks
  • 30 days annual leave
  • Interest‑free season ticket loan
  • Interest‑free bicycle loan
  • Career average pension scheme

Equality, diversity and inclusion: London’s diversity is its biggest asset, and we strive to ensure our workforce reflects London’s diversity at all levels. We welcome applications from everyone regardless of age, gender, gender identity, gender expression, ethnicity, sexual orientation, faith or disability. We particularly encourage applications from Black, Asian and Minority ethnic candidates and disabled candidates who are currently under‑represented in our workforce. We are a Disability Confident Employer and celebrate flexible and part‑time work. Adjustments throughout the recruitment and working process will be accommodated as far as possible.

Additional information: All candidates must confirm that the information provided in their application is true and correct. Deliberate falsification will disqualify a candidate. Successful candidates must undergo a criminal record (DBS) check; some roles may require additional security screening. The GLA is proud to be a Level 2 Disability Confident employer and is committed to becoming a more inclusive and accessible organisation. We welcome and encourage applications from disabled applicants; if you wish to opt into the scheme, please inform us during your application.

Cyber Resilience & INFOSEC Assurance Lead employer: London Gov

The Greater London Authority (GLA) is an exceptional employer, offering a dynamic work environment at the heart of London, with a strong commitment to diversity and inclusion. Employees benefit from competitive salaries, generous annual leave, and opportunities for professional growth within a supportive team structure. With a focus on cyber resilience and information security, this role not only provides meaningful work but also allows for flexible working arrangements, making it an attractive choice for those seeking to make a significant impact in public service.

London Gov

Contact Details:

London Gov Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Cyber Resilience & INFOSEC Assurance Lead

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including London Gov, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through London Gov

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at London Gov. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Cyber Resilience & INFOSEC Assurance Lead

Cyber Security Management
NCSC Principles
ISO 27001
Public-Sector Security Frameworks
Supplier Management
Technical Risk Translation
Communication Skills

Some tips for your application 🫡

Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at London Gov insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to London Gov that you’re committed to staying ahead in the game.

How to prepare for a job interview at London Gov

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at London Gov to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at London Gov.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.