Amey
Amey is a leading provider of full life-cycle engineering, operations and decarbonisation solutions for UK infrastructure. Providing full lifecycle, sustainable infrastructure solutions; informed by data, delivered with expertise.
Amey is a leading provider of full life-cycle engineering, operations, and decarbonisation solutions, for transport infrastructure and complex facilities.
Working for us, you’ll be delivering sustainable infrastructure solutions that enhance life and protect our shared future.
Our people are driven by a set of strong values, based on safety, insight, and collaboration.
The Opportunity
We have a fantastic opportunity for a permanent Chief Information Security Officer to join Amey’s group functions.
As Chief Information Security Officer you will play a critical role within the organisation, tasked with safeguarding the company’s information assets and technologies. This will involve the development and maintenance of a comprehensive security strategy that aligns with Amey’s goals and objectives.
Responsible for identifying potential security threats and vulnerabilities and implementing measures to mitigate those risks. This includes sponsoring the implementation of advanced security technologies and controls, conducting regular security assessments, and ensuring that all employees are appropriately trained in security best practices.
Key responsibilities:
* Develop and deliver an information security strategy and improvement roadmap which will continuously enhance the organisation’s risk profile, aligned with strategic business objectives.
* Develop and maintain an internal common control framework for information security and data protection which addresses all regulatory and commercial requirements.
* Ensure ongoing regulatory compliance with all applicable data protection legislation and maintain a healthy relationship with regulators to avoid financial penalties and enforcement actions.
* Develop and maintain an appropriately skilled team to deliver the published information security strategy and roadmap.
* Monitor appropriate sources of threat intelligence and perform horizon scanning to identify emerging cybersecurity threats and risks associated with new technology trends.
* Maintain appropriate levels of employee awareness across information security and data protection. Delivering a broad compulsory training programme as well as targeted training and awareness initiatives.
* Understand the business appetite for framework accreditation and proactively target increased levels of certification to align with the growing demand for information security assurance.
* Elevate the organisations profile and commitment to information security through continued external engagement with government, industry and client associations and committees.
* Sponsor and deliver technology and compliance initiatives aligned to agreed prioritisation.
* Contribute to the preparation of bid submissions and actively look to deliver additional value across the information security and data protection aspects.
* Contribute to the scoping and delivery of broader projects which might be managed by other teams, but which may have a dependency on information security.
* Maintain strategic relationships with partners and suppliers that support the information security programme, strategy and key initiatives.
* Mentor and support the information security team, providing development and growth opportunities.
What you will bring to us:
* Degree in either Computer Science, Information Security, Law or Privacy
* Professional qualifications and industry experience in Information Security / Cyber, such as CISM, CISSP and CISA are highly desirable
* Knowledge of current information security related standards or regulations such as ISO27001, Cyber Essentials Plus, GDPR, PCI-DSS, NIST
* Deep and ever evolving experience in Cyber and Information Security
* Real world experience of cyber-attack and recovery ideally in a leadership role
* General IT qualifications for breadth of experience
* People Management knowledge to effectively manage teams
* Financial knowledge to manage a cost centre
* Security accredited to SC level will be required within 6 months
What we can offer you:
At Amey, we recognise that our biggest asset is our people. That is why when you join us, we offer flexibility, career development, a choice of benefits and support that help you through all life’s ups and downs.
Work-life Balance – Work-life balance and flexibility are key for our success. We empower our people to make choices that are right for them, with hybrid, part-time and flexible work patterns.
Health cash plan, 24 GP, support and assistance programmes, wellbeing ambassadors and Wellbeing Wednesday, dental vouchers.
EDI - At Amey we celebrate our people and all that they are. This is reflected in our Affinity Group networks, providing a community of support and connection.
Social Value – You’ll get 2 Community Involvement Days each year to volunteer for a charity of your choice.
Plus, a range of other great perks and benefits including:
* Pension – Generous Pension scheme which we will contribute to.
* Healthcare – private family cover via BUPA.
* Choices - Our flexible benefits scheme is tailored by you.
* Save with Amey - Our online voucher portal gives you access to thousands of discounts from leading retailers.
Application Guidance
Amey is committed to Inclusion and Diversity. We welcome applications from all suitably qualified candidates. We are also committed to offering applicants with a disability an interview if they meet the minimum requirements for the role.
Please contact our recruitment team at to discuss any access needs, reasonable adjustments or additional application support that may be required.
#J-18808-Ljbffr