Chief Information Security Officer - Core Services

Salary

The base salary for this grade is £72,840. Offers above this will be made up of a Digital Skills Allowance of up to £18,000 per annum for exceptional candidates. London locations may attract an allowance of up to £3,300 per annum.

Location

MOD Main Building, Whitehall, London, SW1A 2HB (please note regular travel will be required)

Overview

The MOD’s digital teams ensure we remain among the most technologically advanced Armed Forces in the world. We develop and lead in cutting‑edge data science, automation, and cybersecurity solutions to protect the UK and its interests, at home and abroad. Our mission also goes beyond the battlefield by leading humanitarian efforts and driving innovation that impacts lives across the globe.

From the 1st April 2026 Defence Digital has changed its name to National Armaments – Digital & Data.

Job Summary

This high impact role is accountable for strengthening the Cyber Risk position of digital capabilities delivered by the Core Services team within National Armaments Digital & Data. You’ll work closely with senior leaders, driving innovation, ensuring risks are suitably mitigated and embedding secure‑by‑design principles into everything we do. Your expertise will make a real difference, helping to safeguard national security and ensuring our digital future is resilient, secure and ready for tomorrow’s challenges.

Ensuring robust governance, risk management and compliance frameworks are in place, you’ll champion a positive security culture across the organisation, improving cyber security and information security awareness, knowledge and skills.

Responsibilities

• Act as the primary point of contact for Cyber and Information Security, ensuring strong governance and clear accountability across the organisation and supply chain.
• Deliver and maintain the Cyber and Information Risk Management Framework, identifying, assessing and mitigating risks effectively.
• Drive secure‑by‑design principles and digital resilience into all programmes and services from the outset.
• Oversee audits, incident management and adherence to Defence standards and regulations.
• Champion awareness and training, so everyone understands their role in maintaining security.
• Ensure Data Protection Advisors and Information Asset (DPIA) Owners manage personal data responsibly, with DPIAs in place for systems and services.
• Ensure all cyber and information security incidents, breaches and near misses are appropriately managed, reported and investigated appropriately, to ensure that risk is mitigated and lessons identified, recorded and learnt.
• Line management of a small team and matrix management within a larger organisation.

Person Specification

We would expect to see experience in Cyber and Information Security leadership and demonstrable ability to develop and maintain governance and risk management frameworks. You’ll have a thorough understanding of secure‑by‑design principles, digital resilience and compliance requirements, with experience of managing security incidents, audits and remediation activities. This position may be suitable for individuals with relevant skills and experience in information security governance & management, risk assessment & information risk management, technical security architecture or with appropriate skills gained in an ICT assurance or compliance environment.

Essential Criteria

• Excellent stakeholder engagement and influencing skills at senior levels.
• Strong analytical and problem‑solving abilities with a risk‑based approach.
• Ability to lead cultural change and promote security awareness across diverse teams.
• Experience in Cyber and Information Security leadership, and demonstrable ability to develop and maintain governance and risk management frameworks.

Travel

Regular travel will be required to other MOD locations in the UK.

Security Clearance

Successful candidates must undergo a criminal record check and DV clearance. Successful candidates must meet the security requirements prior to appointment. The level of security needed is developed vetting.

Nationality Requirements

Open to UK nationals only.

Equal Opportunity

We provide equal opportunities and are committed to promoting diversity and inclusion. All candidates are considered on merit, with no discrimination.