Your role As the Cyber Security Lead, you will play a pivotal role in safeguarding EMBL-EBI's data resources and ensuring the continued availability of our world-leading life sciences tools and services. You will be responsible for leading and evolving our cyber security strategy, operations, and culture, in a dynamic and increasingly complex threat landscape. This is a new leadership position, created to address the growing sophistication of cyber security threats, including those from nation-state actors. You will be responsible for maintaining our cyber security best practice and developing and delivering a roadmap for improvement, establishing EMBL-EBI as a world leader in cyber security for open data resources, taking into account the unique requirements of our open data model and intergovernmental status. You will lead the newly formed IT Security team, collaborating with IT teams, scientific teams and groups, senior leadership and our colleagues across EMBL. You will also interface with collaborators, funders, and the wider cyber security community. Key Responsibilities Strategy & Leadership: Develop, implement, and maintain a comprehensive cyber security strategy and roadmap that aligns with EMBL-EBI's mission and the evolving threat landscape. This roadmap will significantly enhance our security posture and be regularly reviewed and updated. Lead the security team, line-managing the existing IT Security Officer. Manage day-to-day cyber security operations, including incident response, vulnerability management, threat intelligence, and security monitoring, ensuring these are developed and improved as specified in the roadmap. Provide leadership and direction in all aspects of cyber security, fostering a security-conscious culture across the institute. Stay abreast of emerging threats, vulnerabilities, and security technologies, particularly in the context of large-scale scientific data management and open data sharing. Represent EMBL-EBI's cyber security interests in internal and external forums, including with collaborators and funders. Gain buy-in from stakeholders across the institute for the cyber security roadmap through effective communication, consultation, and collaboration. Set and maintain world-class standards for cyber security at EMBL-EBI. Operations & Implementation: Oversee the implementation of the cyber security roadmap, ensuring timely and effective delivery of improvements. Represent EMBL-EBI’s IT security interests within the border sphere of the EMBL organisation. Oversee the design, architecture, implementation, and maintenance of secure systems and infrastructure, including networks, servers, applications, and cloud environments. Optimise the current SIEM technology by reviewing and improving correlation rules, alerts and dashboards, and developing parsing rules as needed to align with the evolving threat landscape. Perform advanced forensic analysis after security incidents, including the acquisition, preservation, and examination of digital evidence from endpoints, servers, network devices, and cloud environments, using industry-standard tools and methodologies. Develop and refine security policies, procedures, and standards, ensuring alignment with industry best practices and regulatory requirements. Ensure EMBL-EBI complies with all relevant regulations, as well as funder and intergovernmental requirements. Work with the IT Security Officer to manage and improve security awareness training and education programs for all staff. Oversee security audits and assessments, identifying and mitigating risks proactively. Collaboration & Communication: Work collaboratively with the existing IT Security Officer, IT teams, scientific groups, and leadership to ensure security considerations are integrated into all aspects of EMBL-EBI's operations. Develop and maintain strong working relationships with external partners, including cyber security vendors, research organisations, and government agencies. Communicate effectively with technical and non-technical audiences about cyber security risks, threats, and mitigation strategies. You have Bachelor's or Master's degree in Computer Science, Information Security, or a related field (or equivalent experience). Experience in a senior cyber security role, with a proven track record of developing and implementing successful cyber security strategies. Demonstrable leadership experience, with the ability to influence and motivate others. Deep understanding of cyber security threats, vulnerabilities, and mitigation techniques. Experience with a wide range of security technologies and practices. For example, some of the following: - Intrusion detection and prevention systems (IDPS) - Security information and event management (SIEM) system - Vulnerability scanning and penetration testing - Cloud security - Identity and access management (IAM) - Data loss prevention (DLP) - Endpoint protection - Security operations and incident response Experience in developing and implementing security policies, procedures, and standards. Understanding of legal and regulatory frameworks (e.g., GDPR, ISO 27001, NIST SP 800-171). Excellent communication, collaboration, and interpersonal skills, with the ability to effectively communicate complex technical information to both technical and non-technical audiences. Experience building and leading cyber security programmes within large, complex organisations. Experience developing a roadmap for significantly improving an established cyber security program. You may also have Relevant industry certifications (e.g., CISSP, CISM, CISA, OSCP, GIAC, ISO 27001 LA) strongly desired Experience with research computing or HPC (High Performance Computing) environments. Experience with open data and open-source environments. Experience managing and mentoring IT security professionals. Experience with security automation and orchestration. Familiarity with bioinformatics and/or biological data management. Experience working in an international or intergovernmental organisation. Experience in the life sciences or research sector. Contract length: 3 years (renewable up to 9 years) Salary: Grade 7 - 8 (Monthly salary from £4,111 - £4,716 after tax but excluding health insurance and pension contributions. Plus generous benefits. Why join us Do something meaningful At EMBL-EBI you can apply your talent and passion to accelerate science and tackle some of humankind's greatest challenges. EMBL-EBI, part of the European Molecular Biology Laboratory, is a worldwide leader in the storage, analysis and dissemination of large biological datasets. We provide the global research community with access to publicly available databases and tools which are crucial for the advancement of healthcare, food security, and biodiversity. Join a culture of innovation We are located on the Wellcome Genome Campus, alongside other prominent research and biotech organisations, and surrounded by beautiful Cambridgeshire countryside. This is a highly collaborative and inclusive community where our employees enjoy a relaxed atmosphere. We are committed to ensuring our employees feel valued, supported and empowered to reach their professional potential. Watch this video to see how EMBL-EBI makes an impact. Enjoy lots of benefits: Financial incentives: Monthly family, child and non-resident allowances, annual salary review, pension scheme, death benefit, long-term care, accident-at-work and unemployment insurances Flexible working arrangements - including hybrid working patterns Private medical insurance for you and your immediate family (including all prescriptions and generous dental & optical cover) Generous time off: 30 days annual leave per year, in addition public holidays Relocation package including installation grant (if required) Campus life: Free shuttle bus to and from work, on-site library, subsidised on-site gym and cafeteria, casual dress code, extensive sports and social club activities (on campus and remotely) Family benefits: On-site nursery, 10 days of child sick leave, generous parental leave, holiday clubs on campus and monthly family and child allowances Benefits for non-UK residents: Visa exemption, education grant for private schooling, financial support to travel back to your home country every second year and a monthly non-resident allowance. For detailed information please visit our employee benefits page here. What else you need to know International applicants: We recruit internationally and successful candidates are offered visa exemptions. Please take a look at our International Applicants page for further information. EMBL is a signatory of DORA. Find out how we apply DORA principles to our recruitment and performance assessment processes here. Diversity and inclusion: At EMBL, we strongly believe that inclusive and diverse teams benefit from higher levels of innovation and creative thought. We encourage applications from women, LGBTQ & individuals from all nationalities. How to apply: To apply please submit a cover letter and a CV through our online system. We aim to provide a response within two weeks after the closing date. Closing Date 23/02/2025