Candidates must have great Cyber Tech exposure as well as having a background in delivering this project solely before

This role is a mixture of Cyber Policy and Technical based work.

Key Responsibilities

• The role will be responsible for creating, implementing, and measuring the success of my clients IT security posture


• Is responsible for the attainment and adherence to the required IT security standards, as set out by the Head of IT & Digital Transformation. Currently Cyber Essentials + and the NIST CSF


• Has day-to-day responsibility for devising, planning, and coordinating any IT security related updates across all IT assets and services


• Advise and make recommendations on suitable security controls to the Information security committee


• Assess and provide recommendations on requests for deviation to advised base configurations


• Provide a robust technology infrastructure capable of meeting the needs of Jewish Care


• Own, Agree and ensure compliance to IT Security policy, and any related policies


• Provide early insight to external risk landscape and opportunities to improve


• Identify risk to our infrastructure and provide recommendations to mitigate risk


• Prepare reports for Trustees and Internal Audit & Risk Committee


• Support in assessing the compliance of system and software procurement

Candidates much have demonstrable commercial experience in

• IT Audit and benchmarking (NIST or ISO27001)


• Experience leading an organisation through a significant cyber security improvement programme, both people (Training) and process (Technical tools)


• Lead and maintained an IT environment through industry accreditation to CE+


• Proven ability to engage and manage senior stakeholders


• Excellent written and oral communication and presentation skills


• Relevant IT Security experience in social care organisation


• Creating, maintain and test IT BCP and DR plans


• IT Security Frameworks (NIST or ISO27001)


• Control and securing high value or high-risk data such as PII medical data


• Meraki Networking


• Sophos


• KnowB4 or Cyber security training platform management


• Mimecast


• Azure and Azure VPN


• MS InTune


• Qualys or other device monitoring and patch management platform


• PRTG Network Monitoring

*Rates depend on experience and client requirements