WHAT WE’RE LOOKING FOR

We’re seeking a self-starter, someone who is a confident, dynamic, and knowledgeable leader who can:

• Understand organisational behaviours and need to balance risk against technology provision.
• Inspire trust and drive cyber resilience across diverse organisations.
• Balance risk with business continuity and innovation.
• Lead teams and virtual networks with empathy and clarity.
• Communicate complex security concepts in plain language.
• Stay ahead of evolving threats and regulatory landscapes.
• Demonstrate relative experience in senior-level cyber security leadership.
• Show a track record in strategic planning, team leadership, and delivering measurable business benefits.

Desirable Extras

• Experience in public sector collaboration and innovation.

Working Conditions

• Flexibility to work across sites and outside core hours when needed.
• Participation in out-of-hours incident response rota.
• Subject to DBS and security clearance checks.

WELSH LANGUAGE SKILLS ARE DESIRABLE FOR THIS POST BUT NOT ESSENTIAL.

Torfaen County Borough Council strives to be a fair, supportive and effective employer. The Council is committed to safeguarding and promoting the welfare of children, young people and vulnerable adults. The Council expects all employees, paid or unpaid, to share this commitment.

ABOUT THE ROLE

This is not your typical Cyber or Information Security position. As the strategic lead for cyber resilience and information security across Monmouthshire Conty Council, Torfaen County Borough Council and Blaenau Gwent County Borough Council, you’ll shape and deliver a unified cyber strategy that protects and empowers public services. Reporting directly to the Chief Operating Officer, you’ll act as the trusted advisor on all things cyber, information security, and business continuity.
You’ll lead a team of talented professionals, influence senior stakeholders, and ensure that security is not just a safeguard but a driver of transformation. From PSN and Cyber Essentials Plus to PCI DSS and CAF compliance, your work will span technical leadership, strategic planning, public sector innovation and organisational behaviour in relation to information security.
A key aspect of this role in assessing risk and understanding how people’s behaviour impacts security is the ability to analyse and interpret behavioural patterns to predict potential security threats. By understanding the nuances of human behaviour, this role will help identify unusual activities or deviations from normal patterns that may indicate a security risk. This proactive approach allows for the implementation of preventive measures before any actual threat materialises, thereby enhancing the overall security posture from a people perspective as well technology.

WHAT MAKES THIS ROLE UNIQUE?

Multi-Authority Impact: Influence cyber strategy across three councils, each with distinct needs and priorities.
Strategic & Operational Blend: Shape long-term vision while leading hands-on delivery of security programmes.
Innovation-Driven: Champion cutting-edge solutions like zero-trust architectures and advanced threat intelligence.
Collaborative Culture: Work closely with SIROs, governance boards, and cross-functional teams to embed security into every layer of service delivery.
Flexible & Modern Working: Based in Usk with travel across partner sites and supported by hybrid working practices.