Proven experience in the design, implementation and operation of scaled IT security services and capabilities, ideally within a large government organization or complex large-scale multi-supplier organization.
Strong technical aptitude and exposure to ISO 27001 or similar-based security policies and standards.
Excellent communication skills, with the ability to articulate complex technical issues into business-focused terms and communicate with Stakeholders.
Knowledge of GDPR, its business implications and the merits of various technical approaches
Expertise in IT security risk in a business context
Exposure to web application security and penetration testing.
Exposure to securing the software development life cycle and to project management disciplines.
Excellent organizational and technical documentation skills.
Strong understanding of Information Security including threats, attacks, and vulnerability management.
Deep understanding of secure development practices, with practical experience of cyber security, privacy protection, cloud security, identity management, situations awareness, protective monitoring, security operations, risk management and reporting.