Head of Cyber Security (Operations)

Summary

As Head of Cyber Security you will deliver an outcome-focused, professional and high-quality service.

You will play a key role in the team and be responsible for overseeing the day-to-day running of the cyber security team.

You will utilise your excellent working knowledge of the field and, as a subject matter expert, provide expert advice to the cyber and senior leadership team.

You will build working relationships and work with a diverse group of stakeholders, communicating in a clear, concise, timely and effective manner.

You will use your extensive knowledge gained through technical expertise, team management and service management to ensure the seamless and successful delivery of the service.

Work Activity Components

Title Details
Advice (THIN) (Level 5) Provides expert advice on threat intelligence activities, and advice to help others mitigate vulnerabilities or respond to security incidents.
Information review (THIN) (Level 5) Reviews, ranks and categorises qualitative threat intelligence information.
Reporting (THIN) (Level 5) Leads production and editing of threat intelligence reports that enhance the intelligence production workflow.
Source evaluation (THIN) (Level 5) Distributes information and obtains feedback about the value, usefulness and impact of the data.
Threat intelligence gathering (THIN) (Level 5) Plans and manages threat intelligence activities. Identifies which are the most impactful threat categories and the types of information that can help defend against them.
Threat modelling (THIN) (Level 5) Conducts complex threat modelling tasks. Predicts and prioritises threats to an organisation and their methods of attack.
Assurance (SCAD) (Level 5) Monitors the application and compliance of security administration procedures, and reviews information systems for actual or potential breaches in security.
Auditable records (SCAD) (Level 5) Ensures that security records are accurate and complete, and that requests for support are dealt with according to set standards and procedures. Recognises requirements for, and creates, auditable records, user documentation and security awareness literature for all services and systems within scope, ensuring that the records provide a comprehensive history of violations, resolutions and corrective action.
Changes and continual improvement (SCAD) (Level 5) Advises on and assists with the assessment of the potential impact on existing access security mechanisms of specific planned technical changes, in order to help ensure that potential compromise or weakening of existing security controls is minimised. Also assists in the evaluation, testing and implementation of such changes.
Policies, standards, processes and guidelines (SCAD) (Level 5) Contributes to the creation and maintenance of policy, standards, procedures and documentation for security, taking account of current best practice, legislation and regulation.
Security advice (SCAD) (Level 5) Provides general security expertise and specialist guidance on security administration and wider security issues.
Security training (SCAD) (Level 5) Ensures that training, guidance and support is provided to security administrators, in all aspects of security policy and control.
Violation and security breach (SCAD) (Level 5) Ensures that all identified breaches in security are promptly and thoroughly investigated, and that any system changes required to maintain security are implemented. Investigates complex or highly sensitive violations referred by more junior staff or colleagues, handling issues imaginatively, efficiently and professionally. Obtains factual information and formulates opinions regarding exposed violations. Where appropriate (i.e. involving employees within own organisation) interviews offenders in conjunction with the relevant line manager or on own authority if warranted.
Assessment documentation (VUAS) (Level 5) Documents a full vulnerability assessment and business impact analysis conducted on complex information systems.
Communication and awareness (VUAS) (Level 5) Communicates to the organisation’s leadership information on security risks to critical information and technology assets, and the impact on the business should vulnerabilities be breached.
Critical information and technology assets (VUAS) (Level 5) Determines a quantifiable value to the impairment of an identified critical information or technology asset.
Risk assessment (VUAS) (Level 5) Uses complex quantitative risk analysis methods such as exposure factor, single loss expectancy, annualised rate of occurrence or annualised loss expectancy, to conduct security risk assessments, business impact analysis and accreditation on complex information systems.
Risk mitigation (VUAS) (Level 5) Identifies control owners and holds them accountable for the implementation of policies to reduce the risk of controls allocated to them using a recognised methodology.
Tools and techniques (VUAS) (Level 5) Reviews, evaluates, and selects vulnerability tools and techniques.
Vulnerability assessment (VUAS) (Level 5) Plans and manages automated and manual vulnerability assessment activities within the organisation. Assesses effectiveness of security controls for infrastructure and application components and recommends remedial action.
Vulnerability identification and analysis (VUAS) (Level 5) Takes a comprehensive approach to seeking vulnerabilities across the full spectrum of organisation policies, processes, and defences in order to improve organisational readiness, improve training for defensive practitioners, and inspect current performance levels.
Career paths and mentoring (PEMT) (Level 5) Advises individuals on career paths, and encourages pro-active development of skills and capabilities. Provides mentoring to support professional development.
Empowerment and role model (PEMT) (Level 5) Facilitates effective working relationships within and between teams of staff. Motivates groups of staff and teams towards a high level of performance. Engages with, and empowers groups of staff. Acts as a role model for groups of staff, setting a standard, acting professionally at all times and working to a professional code of conduct and ethics.
Guidance, performance and feedback (PEMT) (Level 5) Optimises the performance of people, measuring and reporting on performance against agreed quality and performance criteria. Collects data on the performance of groups of staff. Gives regular feedback to teams and senior staff as to team performance on work packages.
People processes (Level 5) Participates, as appropriate, in formal processes such as compensation negotiations and disciplinary procedures.
Team dynamics (PEMT) (Level 5) Integrates staff into teams to perform packages of work, taking account of individual and team capabilities. Considers the importance of skill mix within teams. Is sensitive towards team dynamics.
Transformation and change (PEMT) (Level 5) Manages teams involved in significant transformation projects and/or during times of change, aligning change programmes with staff skills and capabilities. Supports staff through difficult and challenging change programmes.
Work allocation, support and delegation (PEMT) (Level 5) Allocates responsibilities, including supervisory, and assigns packages of work to groups of staff. Ensures that work packages are aligned with the particular skills and abilities of teams. Supports teams in the delivery of work packages. Delegates work to individuals and teams, taking full account of skills and capabilities.

Behavioural Skills

Title Details
Ambiguity Comfortable dealing with ambiguity and operating in environments that evolve and change.
Analytical Thinking Acquiring a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated.
Attention to Detail Applying specific quality standards to all tasks undertaken to ensure that deliverables are accurate and complete.
Conceptual Thinking Acquiring understanding and insights regarding the underlying issues in complex problems or situations through the development of abstract representations, the identification of patterns and the analysis of hypotheses.
Decision Making Making decisions at the appropriate time, taking into account the needs of the situation, priorities, constraints, known risks, and the availability of necessary information and resources.
Delegation Delegating tasks, responsibilities and authorities effectively.
Follow-up and Monitoring Checking progress against targets, taking action to resolve exceptions/issues and reporting and escalating where necessary.
Goal Orientation Maintaining focus on agreed objectives and deliverables.
Holistic Thinking The ability to place problems in the context of the wider business landscape or area of interest. Understanding how different business functions work together to achieve shared goals.
Influence, Persuasion and Personal Impact Conveying a level of confidence and professionalism when engaging with stakeholders, influencing positively and persuading others to take a specific course of action when not in a position of authority.
Information Acquisition Identifying gaps in the available information required to understand a problem or situation and devising a means of resolving them.
Initiative Being proactive, anticipating opportunities for systems, service or product improvement or development and taking appropriate action(s).
Interacting with People Establishing relationships, contributing to an open culture and maintaining contacts with people from a variety of backgrounds and disciplines. Effective, approachable and sensitive communicator in different communities and cultures. Ability to adapt style and approach to meet the needs of different audiences.
Leadership Clearly articulating goals and objectives, and motivating and leading others towards their achievement.
Organisational Awareness Understanding the hierarchy and culture of own, customer, supplier and partner organisations and being able to identify the decision makers and influencers.
Providing Direction Directing others to undertake specified tasks within a defined timescale.
Resilience Demonstrates resilience when working under pressure, displaying a calm and rational approach to the task at hand.

Technical Skills

Title Details Depth
Access Control Systems Any tool or system which provides security access control (i.e. prevents unauthorised access to systems). Proficient in
Analytical Tools Analytical, statistical and machine learning tools appropriate to the organisational environment. Able to apply these tools and techniques to meet the requirements of stakeholders. Proficient in
Application Systems Technical or functional understanding of Commercial Off-the-Shelf (COTS) applications and/or other bespoke software deployed within the organisation in order to provide system configuration, audit, technical, and/or functional support. Familiar with
Big Data The discipline associated with data sets so large and/or complex that traditional data processing applications are inadequate. The data files may include structured, unstructured and/or semi-structured data, such as unstructured text, audio, video, etc. Challenges include analysis, capture, curation, search, sharing, storage, transfer, manipulation, visualization and information privacy. Aware of
Business Environment The business environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners and competitors), in particular those aspects of the business that the specialism is to support (i.e. localised organisational awareness from a technical perspective). Proficient in
BYOD The policy of permitting employees to bring personally owned mobile devices (laptops, tablets, smart phones etc) to their workplace, and the implications of using those devices to access privileged company information and applications consistent with safeguarding corporate systems and data taking account of security and confidentiality requirements. Also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC). Proficient in
Cloud/Virtualisation The principles and application of cloud/virtualisation (including ownership, responsibilities and security implications). Use of tools and systems to manage virtualised environments. Familiar with
Configuration Management The discipline that gives precise control over IT assets and components by recording and maintaining information about the 'configuration items', including hardware devices, computer programs, software licences, documentation, network devices, and data centre facilities (virtualised and static). Familiar with
Corporate, Industry and Professional Standards Applying relevant standards, practices, codes, and assessment and certification programmes to the specific organisation or business domain. Proficient in
Cyber Security Concepts The understanding of cyber security concepts and ability to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders so that they are understood and applied. Expert in
Infrastructure Configuration Knowledge and understanding of infrastructure configurations. Familiar with
Infrastructure/System Security The security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Expert in
IT Environment The IT environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners), in particular own organisation's technical platforms and those that interface to them through the specialism, including those in closely-related organisations. Proficient in
Middleware Software which forms part of the operating platform infrastructure. Familiar with
National/International Standards Current and emerging standards associated with IT practice nationally and internationally, published by authorities such as IEEE, IEC, BSI, ISO. Proficient in
Network Data Security Network security and threat mitigation, including physical, electronic, firewalling, encryption, access, and authorisation; protecting data at rest and in transit; defending against viruses and malware; the impact of Big Data; and the integration of robust security controls into enterprise services and policies. Proficient in
Network Traffic Analysis Methods and techniques for the capture of traffic information (packet level) and the forensic analysis of this information into its constituent elements. Proficient in
Networking and Communications The planning and management of the interaction between two or more networking systems, computers or other intelligent devices. Proficient in
Operating Systems System software that controls activities such as input, output, dynamic resource allocation, and error reporting, within the operation of a computer configuration. Proficient in
Operational/Service Architecture Knowledge of the IT/IS infrastructure and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Familiar with
Own Organisation's IT Products and Services The IT products and/or services supplied to internal and external customers by own organisation. Familiar with
Security Software, Tools and Techniques Specialist tools and techniques used in the pursuit of vulnerability management, penetration testing, digital forensics and other security management disciplines for bug-hunting, abstract interpretation and program analysis, binary analysis and reverse-engineering, exploit development, source code analysis, and static and dynamic application security testing (SAST/DAST) etc. Proficient in
Third Party IT Products and Services The IT products and/or services supplied to own organisation by external suppliers. Familiar with

Other Skills

Title Details Depth
Appraisal Techniques Methods and techniques for appraising an individual's performance and potential. Proficient in
Budgets Principles, methods, techniques and tools for the preparation and monitoring of budgets to manage costs and ensure cost-effectiveness and value for money. Familiar with
Coaching Techniques Methods and techniques for coaching individuals or groups by a balanced combination of support and direction, which could include use of virtual learning environments plus add-ons to augment feedback specific to work items, workflow or career plans. Proficient in
Disciplinary Issues and Procedures Managing episodes of unsatisfactory behaviour or performance in accordance with appropriate policies and legislative conformance. Includes changes to circumstances, such as sickness, disability and other personal issues. Familiar with
Document Management Techniques Methods and techniques for the organisation, storage and version control of information in both paper and electronic formats. Proficient in
Financial Management Knowledge of Financial Management and Management Accounting. Competent management of costs, budgets and cash flow. Familiar with
Legislation Relevant national and international legislation. Proficient in
Literature Search Methods, techniques and tools for searching and obtaining relevant knowledge from published literature. Proficient in
Network Data Gathering Techniques The selection, implementation and application of network data gathering methods, tools and techniques that are appropriate to the information required and the sources available. Proficient in
Performance Monitoring Identifying, agreeing and monitoring (usually by face-to-face interviews) objectives and deliverables with individuals. Identifying under-performance issues against agreed quality standards and performance criteria. Identifying gaps in capability and causes, disciplinary or ability-related (needing assistance, training or other support). Proficient in
Presentation Techniques Methods and techniques for delivering effective and accessible presentations, either face-to-face or online within various contexts and to a variety of audiences. Proficient in
Process Documentation Techniques Principles, methods and techniques for establishing, documenting and maintaining processes. Familiar with
Process Improvement Techniques Methods, tools and techniques to analyse and optimise processes in order to improve the quality of a product or service. Familiar with
Project Planning and Control Techniques Methods and techniques associated with planning and monitoring progress of projects. Familiar with
Report Writing Techniques Methods and techniques for writing clear, accessible and persuasive reports. Proficient in
Research Techniques Methods, techniques and tools for the systematic discovery, analysis, and reporting of knowledge about all aspects of information systems. Proficient in
Resource Allocation The effective and efficient routine deployment of resources, (but also including reassessment and reallocation in a dynamic multi-project environment), to achieve optimum results. Proficient in
Risk Management Methods and techniques for the assessment and management of business risk. Proficient in
Stakeholder Engagement Establishing relationships, analysing perspectives and managing stakeholders from a variety of backgrounds and disciplines. Adapting stakeholder engagement style to meet the needs of different audiences. The identification of key business stakeholders and an assessment of their level of power and interests, and their perspectives to inform the way(s) in which they should be considered and managed. Familiar with
Standards Writing Techniques Principles, methods and techniques for establishing, documenting, and maintaining standards. Familiar with
Team Dynamics Knowledge and understanding of the psychological and environmental forces that influence the direction of team behavior and performance and the tools and techniques to improve team cohesion and performance. Familiar with
Techniques for Effective Meetings Methods and techniques for running effective meetings and for understanding and influencing the roles played by participants. Familiar with
Threat Landscape Knowledge and understanding of the threat landscape, regulatory and legislative requirements and awareness of industry good practice relating to information governance, privacy and security. Expert in

Training

Title Details
Data Protection and GDPR Data protection legislation, regulatory framework and compliance, including GDPR (General Data Protection Regulation).
Diversity and Inclusion Raise diversity-in-the-workplace awareness in order to better understand how the world looks through the eyes of people of a different age, race, gender, sexuality, etc, improve communications with people from diverse backgrounds and reduce the levels of unconscious bias in decision-making.
Forensics Tools, techniques and facilities available for carrying out security incident response related investigations.
Human Resource Planning Techniques and practices involved in planning the numbers and types of personnel needed over time by a particular skillset, department or function within an organisation.
Local Area Networks Features and characteristics of local area networks relevant to installation and support of hardware and software components.
Mentoring Methods and techniques for providing mentoring support to less experienced individuals.
Protocol Analysis Communication protocol analysis techniques and interpretation of results.
Security Software Understanding the security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents. For example, access control software like Active Directory (AD).
Service Delivery The service delivery processes: the systems, products, services, hardware and software environment.
Software Configuration Installation, configuration and tuning of applications or systems software.
Wide Area Networks Features and characteristics of networks configured over a wide area i.e. beyond the geographical boundaries of a single site.

Professional Development Activity (PDA)

Title Details PDA Group
Deputising Standing in for supervisor or manager on a temporary basis during periods of absence. Broadening Activities
Gaining Knowledge of Broader IT Issues Increasing and maintaining currency of knowledge of broader IT issues through reading, attending and participating in seminars or conferences, special studies, temporary assignments etc. Increasing Knowledge
Gaining Strategic Knowledge of Employing Organisation Developing a comprehensive understanding of the business environment in which the employing organisation operates and its position, policies and direction in relation to health and care, country and global issues. Increasing Knowledge
Job Shadowing and Special Assignments Undertaking temporary periods or secondments in other roles, particularly those that offer a new perspective on own function or exposure to other environments and cultures. Broadening Activities
Management Development Undertaking learning and best practice of the skills appropriate to managing all or part of an organisation, including business and financial management, benefits management, people management, management of change and strategic planning. This will require both on and off the job learning and may include participation in an appropriate development programme such as MBA or DMS (Diploma in Management Studies). Developing Professional Skills
Mentoring Acting as a mentor, advising those for whom there is no direct responsibility, on matters to do with their job role, career and professional development. Broadening Activities
Negotiating and Influencing Undertaking learning and practice of negotiating with and influencing others. Developing Professional Skills
Participation in Professional Body Affairs Taking an active part in professional body affairs at branch, specialist group, committee or board level. Participation in Professional Activities
Project Assignments Participating in a project team, working group or task force established to deliver a solution to a specific problem or issue - especially valuable if the group is inter-disciplinary. Broadening Activities
Research Assignments Exploring a topic which is not part of own normal responsibilities and presenting findings to colleagues and/or management. Increasing Knowledge

Qualification Components

Title Awarding Bodies
FEDIP Leading Practitioner The Federation for Informatics Professionals
Certified Cyber Professional (CCP) NCSC National Cyber Security Centre
Chartered Cyber Security Professional (ChCSP) The UK Cyber Security Council
CISM Certified Information Security Manager ISACA
CISSP Certified Information Systems Security Professional (ISC)² International Information Systems Security Certification Consortium
CSX P Cybersecurity Practitioner Certification ISACA
ISSMP Information Systems Security Management Professional (ISC)² International Information Systems Security Certification Consortium

The Professional Body Responsible for this job family is BCS. This job role profile was created in collaboration with BCS, using Role Model Plus.
