Chief Information Security Officer Full Time

Northrop Grumman UK is seeking a senior individual to be the Director of UK Information Security and join our team of qualified, diverse individuals. The qualified applicant will become part of Northrop Grumman’s talented Global Information Security team responsible for delivering all levels of information security UK strategy and assurance in the UK.

As a leader in Northrop Grumman, you always act with integrity, and the highest ethical standards characterize everything you do. You enable your team to achieve predictable and balanced results, while satisfying the needs of internal and external partners. You treat all people with respect, and you model personal growth and continuous development. You know how to build an inclusive environment that attracts, retains, and inspires a diverse and engaged team. You develop trusted and valued customer relationships and communicate effectively, so that people throughout the organisation feel engaged and connected to their work. You deliver excellence, strive for continuous improvement and respond vigorously to change. You ensure that your team has the information and tools needed to perform at their best.

You demonstrate our committed pursuit of applying innovation to meet the requirements of our customers and you craft and execute strategies that result in sustainable value creation that delivers measurable results.

Key Responsibilities

• UK representation for Information Security back to NG Corporate. Direct, coordinate, plan and organize all activities and matters related to UK information security to avoid, prevent, detect, correct, or recover from threats to information or information systems and any corresponding incidents while ensuring corporate representation and visibility within sovereign constraints.
• Provide leadership, guidance and be accountable for identifying, assessing, and appropriately managing risks to Northrop Grumman and information systems and those of our customers.
• Oversee the options for addressing risk and work with business leadership to implement strategies, solutions and controls which appropriately and proactively mitigate those risks.
• Oversee the development, implementation and testing of appropriate security plans and risk reduction techniques necessary to protect against data loss, fraudulent access, espionage, sabotage, natural disasters, fire, utility failures and related situation in all areas where data is located and where data processing takes place.
• Provide proactive assurance of information security through continuous testing against Northrop Grumman, Northrop Grumman UK and Customer security criteria; identify continuous improvement opportunities and develop initiatives to further improve Information Security aligned to evolving business needs.

General Operational duties

• Provide information security leadership and manage associated financial and key performance indicators as well as providing information security leadership to our enterprise infrastructure and application service organisations.
• Be the focal point for all training, engagement and communications related to information security, establishing strong alliances across functional areas and our NGUK businesses and the wider Northrop Grumman Global Corporation.
• Build external customer and partner relationships and manage all key information security stakeholders’ expectations, ensuring Northrop Grumman and Customer specific security requirements are met.
• Remain compliant with all applicable Northrop Grumman Operating processes and procedures.

Other

• Will involve travel to other Northrop Grumman UK facilities, customer locations, and potentially some international travel (principally to specified Northrop Grumman US sites)
• Undertake any other reasonable task as requested in support of Northrop Grumman management.

Competency/Skill requirements

• Knowledge of UK government and wider best practice information security standards.
• Adept at problem-solving, with a keen attention to detail.
• Excellent interpersonal skills, able to engage effectively with a wide range of audiences/stakeholders.
• Proactive, self-motivated and able to work autonomously.
• Strong customer orientation.
• Highly-organised, proficient at workload management, prioritising appropriately to meet deadlines.
• Fluent in written and spoken English.
• An engaging and ‘can do’ attitude, able to influence opinion and decisions.
• Competent face-to-face presentation delivery.
• Strong integrity and resilience.

Essential criteria:

• Extensive experience of information security management in the UK defence, security or commercial sector.
• Significant experience managing and developing information security teams.
• Prior experience working in a multi-national corporation.
• Track record of working within an IT security infrastructure (network and servers) and services, including Cloud computing and associate tooling.
• Significant experience in risk management, business continuity and emergency response procedures.
• Experience of developing information security policy and standards.
• A formal qualification in information security management (CISSP, CISM CISA, or equivalent)
• Understanding of privacy requirements (including, GDPR).

Desirable criteria:

• Graduate in a cyber-related field.
• Knowledge of UK & US export control legislation is an advantage.
• Relationships or prior experience with UK and EU Governments in Cyber Policy and incident response

Other requirements

• Occasional out of hours cover as required to support business operations and continuity.
• Clearance requirements: You must be able to gain and maintain the highest level of UK Government clearance
• Current UK driving license.

Northrop Grumman is committed to hiring and retaining a diverse workforce, and encourages individuals from all backgrounds and all abilities to apply and consider becoming a part of our diverse and inclusive workforce.

C1ISO