Head of Information Security and Resilience

at  Unite Students

WHAT WE`RE LOOKING FOR IN YOU

• Demonstrated experience and success in senior leadership roles in risk management, and information security
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience
• Desired, but not required:
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials
• Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment
• Experience with contract and vendor negotiations
• Knowledge and understanding of relevant legal and regulatory requirements
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
• Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
• Up-to-date knowledge of methodologies and trends in both business and IT
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various levels
• Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organisation
• Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only “dotted line” reporting lines exist
• Excellent stakeholder management skills
• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
• Project management skills: financial/budget management, scheduling and resource management
• A master of influencing entities and decisions in situations where no formal reporting structures exist, but achieving the desirable outcome is vital.

Unite Students recognise the importance of leveraging digital technologies to underpin our ambition. We are establishing three Digital Delivery Teams to take the lead on understanding the digital art of the possible, and translating that into compelling strategies and programmes which deliver business value. The three teams will focus on Digital Customer, Digital Colleague, and Digital Property which link directly to our three strategic imperatives of “great place to live”, “great place to work”, and “great place to invest”. These teams will work in a lean/agile way to learn and scale solutions at pace.
Enabling and supporting our Business Delivery teams, we require an assertive, pragmatic, and action-oriented Information Security and Resilience function. The Head of Information Security and Resilience will be responsible for developing this capability.
The Head of Information Security and Resilience will be responsible for implementing and running the enterprise information security program. That will involve identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives. This role is also responsible for ensuring that Unite Students achieves a high level of resilience in its information services and assets.
A key element of this role is working with colleagues across our business to determine acceptable levels of risk. You will proactively work with colleagues and strategic partners to implement practices that meet agreed policies and standards for information and cyber security.
You will build a strong, pragmatic, and capable function which acts as a “critical friend” to the rest of the technology team and broader business. You will advocate for innovative good practice, and ensure that conscious deviances from this are captured on the corporate risk register.
The ideal candidate is a thought leader, a builder of consensus and of bridges between business and technology. You will be an integrator of people, process and technology. While the Head of Information Security and Resilience is the leader of the information security program, they must also be able to coordinate disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that cybersecurity is foundational for the organization to deliver on its business goals and objectives. Ultimately, the Head of Information Security and Resilience is a business leader, and should have a track record of competency in the field of information security and/or risk management, with significant experience in a senior leadership role.
The role will report into the Director of Digital and Information Technologies, and will work closely with others in the Digital and Information Technologies Leadership team.