Head of Cyber

**Details**:
**Reference number**:

- 423418

**Salary**:

- £69,308 - £74,129
- Important information about pay - it is expected that from 1 October 2025 the pay for this role will be £72,717. In addition, once the role holder has completed their probationary period (usually 6 months) they will become eligible to receive a pay premium allowance of £5,454 per annum. This pay premium allowance is non contractual and non-pensionable.
- A Civil Service Pension with an employer contribution of 28.97%

GBP

**Job grade**:

- Grade 6

**Contract type**:

- Permanent

**Business area**:

- CO - Infected Blood Compensation Authority (IBCA)

**Type of role**:

- Security

**Working pattern**:

- Full-time

**Number of jobs available**:

- 1

**Contents**:

- Location
- About the job
- Benefits
- Things you need to know

**Location**:

- Newcastle-upon-Tyne

**About the job**:
**Job summary**:
The Infected Blood Compensation Authority (IBCA) is responsible for delivering a compensation scheme that has been long awaited by the infected blood community to provide financial compensation to victims of infected blood on a UK-wide basis.

It’s vitally important that we protect the highly sensitive and person data we have within IBCA. The data operations division are here to make sure that happens via safe and secure systems and this role will be responsible for delivering an optimised set of data infrastructure that is secure by design and maximises the use of data safely to enable IBCA to deliver a compensation service that those impacted deserve.

The work we do matters We need people who can help us deliver that ambition and that can support the speed IBCA needs to deliver without compromising the protection of our organisation and the data it holds.

**_ Opportunities to move to the new Infected Blood Compensation Authority (IBCA)_**
- Please note that the mission of IBCA means that it is likely to be operational for a period of approximately 5 to 7 years. When IBCA’s work begins to wind down, IBCA employees will receive support and practical guidance to find a new role, whether in the Civil Service, another Arms Length Body (ALB), or an external employer. _

**Job description**:
The Head of Cyber & Information Security is responsible for leading the organisation cyber and information security specialism including capabilities across Security Architecture, Infrastructure Engineering, Security Operations, and Information Security.

In this fast-paced role you will be responsible for defining and operating the cyber and information security strategy, security risk management, ensure compliance with security standards, anticipate challenges, drive performance and build the capability required to ensure the security of IBCA’s information and services.

As the Head of Cyber & Information Security, you will be responsible for:

- Developing and enforcing cyber and information security strategy, policies and operating model to protect sensitive data.
- Support the Senior Information Risk Owner (SIRO) in securing and assuring the department’s information and data assets by maintaining a clear view of critical and high-risk systems, reporting on controls and continuing to improve our maturity.
- Ensuring that controls around IBCA solution are appropriate and proportionate to the assessed risks, by embedding Secure by Design.
- Influencing IBCA’s culture surrounding cyber and information security and developing resilience that enables a responsive and adaptable environment to threats, vulnerabilities, business requirements and security and infrastructure best practice/policies.
- Delivery of threat intelligence, threat detection, incident response, vulnerability management and ethical hacking capabilities.
- Delivery and maintenance of the data infrastructure that supports IBCA ensuring they function efficiently and reliably.
- Lead the technical response to major cyber and information security incidents and critical vulnerabilities impacting the Cabinet Office
- Communicate regularly with senior leadership and stakeholders about the organisation's cyber and information security posture, threat landscape, and risk management efforts.
- Recruit, develop, and manage a team of cyber, information security and infrastructure engineer professionals, ensuring that they have the necessary skills and resources to perform their jobs effectively.

It is essential for this role that you are positive, resilient, collaborative and can handle working under significant time pressures.

**Main Responsibilities**
- ** Cyber and information security strategy and operating model**: Develop, implement, and enforce a security strategy and operating model through policies & frameworks.
- ** Incident response**: Plan and execute the organisations response to security breaches.
- ** Compliance**: Ensure adherence to relevant standards and delivery of high-quality outcomes on time and to budget.
- ** Risk management**: Identify, assess, and control thre