Leads the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions such as legal and technical support. Operates as a focus for IT security expertise for the organisation, providing authoritative advice and guidance on the application and operation of all types of security control, including legislative or regulatory requirements such as data protection/GDPR and software copyright law.