Location
Romford

Hours
Full Time

Salary
£54,267 - £58,461 per annum (Grade 9)

About the Role
We are seeking a strategic and technically skilled Information Security & Governance Specialist to lead the Council’s efforts in protecting its digital assets and ensuring robust information governance. This role sits at the intersection of cyber security, data protection, and organisational resilience—critical to delivering secure and trusted services to Havering’s residents and stakeholders.

The main duties and responsibilities include:
- Leading the development of organisational policies, standards, and guidelines for secure information and records management.
- Designing and implementing information security control frameworks to protect the Council’s systems and data from cyber threats.
- Driving the Council’s security management strategy, ensuring alignment with best practice and regulatory requirements.
- Monitoring and maintaining assurance across the availability, integrity, authenticity, confidentiality, and non-repudiation of organisational records.
- Delivering training and awareness programmes to embed a culture of security and privacy across all staff.
- Overseeing network security monitoring, breach investigation, and regular system testing to ensure continuous protection.
- Reporting on the Council’s information governance and security posture to senior leadership, with clear risk assessments and mitigation plans.
- Advising on information risk in major business proposals and coordinating with external agencies on cyber security matters.

Experience
- Degree or equivalent work-related attainment or experience.
- Relevant certifications such as CISSP, CISM, ISO 27001.
- Proven experience in developing and implementing policy and strategy in information governance and security.
- Expertise in information assurance, risk management, and stakeholder engagement.
- Strong leadership and decision-making skills, with the ability to manage and mitigate organisational risk.
- Excellent communication skills, capable of translating complex security concepts for technical and non-technical audiences.

About You
Strategic thinker with a strong technical background in information security and governance. You are confident leading initiatives that enhance organisational resilience and data protection. You possess excellent interpersonal skills to engage stakeholders at all levels and foster a culture of security awareness across the organisation.

Qualifications
Relevant professional certifications (e.g., CISSP, CISM, ISO 27001) are essential. A degree or equivalent experience is required.