Head of Cyber and Information Security at Thirteen Group
Role Overview
Thirteen Group is on the lookout for a Head of Cyber and Information Security to lead our information and cybersecurity strategy.
The world of cybersecurity changes fast, so we’re looking for someone with in-depth knowledge to continuously ensure Thirteen’s assets are secure, compliant and resilient against evolving threats.
You’ll be expected to work a minimum of two days a week from our fantastic head office at Hudson Quay in Middlesbrough. Flexibility is important, so there may be times when additional presence at the office is required to meet business and team needs.
Thirteen Benefits
- Salary – £90,008 per annum
- Annual leave – starting at 28 days and rising to 31 days after three years, a day off for your birthday, plus bank holidays
- Pension – up to 17% contributions (flexible contribution rates of up to 7% colleague and up to 10% employer)
- Simply Health – save money on common health expenses and get access to health and wellbeing support services
- T’dar – our Discount and Reward platform giving you huge savings on everyday brands
- Opportunities to buy and sell annual leave
Key Responsibilities
- In this strategic role, you’ll lead on cyber defence to keep our customers & colleague’s data safe. You’ll ensure that we undertake regular internal audits to highlight vulnerabilities on our servers, platforms and end user compute devices and support teams to remediate
- Ensure we meet and maintain key regulations and standards like Cyber Essentials Plus, ISO27001:2022, with strong alignment to the NCSC’s Cyber Assurance Framework and NIST
- Lead on cyber threat intelligence using trusted sources to stay ahead of emerging threats and proactively put measures in place. If (or when) the time comes, you’ll manage and co-ordinate our cyber incident response working with our external partner
- Manage, support & evolve a team of two specialists in cyber security and the groups Data Protection Officer and wider DPO function
- Drive awareness and training initiatives to build a culture of security and compliance across Thirteen
- Support the delivery of DSAR and SAR compliance activities with the nominated DPO and ensure data protection obligations are met
About You
- You’ll have senior leadership experience in cyber and information security, working within a complex organisation. We’d welcome applications from candidates outside of the social housing sector
- Extensive knowledge of cybersecurity frameworks, incident response, threat intelligence and data protection legislation. It would be a bonus if you had CISSP, CISM, or CISA
- A fantastic people manager and a clear communicator. You’ll be able to explain security concepts to different audiences in a way they understand
- A track record of delivering innovative and proactive cybersecurity solutions
- Strong problem-solving skills are important, as you’ll be dealing with complex security issues
