Job Description

About The Role

As a Council, we are striving to champion cyber and information security and are in the midst of delivering an incredibly ambitious agenda for change with a large emphasis on technological innovation. A key role in leading and delivering this change is the Head of Cyber and Information Security.



As part of this senior leadership role, you will be required to provide leadership across and beyond the Council to support, guide and direct the implementation of appropriate technical and organisational measures to ensure a level of security appropriate to the risk for all information assets.

Key Responsibilities:

Strategy:

Develop and deliver business-aligned information security strategic objectives. Establish and refresh annually a comprehensive information security framework and program. Create and report on information security success targets. Maintain a yearly information security roadmap aligned with business risk appetite. Present roadmap status updates to the board and executives.

Risk Management:

Conduct business and information security risk assessments. Manage third-party information security risk framework and program. Facilitate responses to internal and external security audits and assessments. Perform risk assurance reviews and assist in cyber insurance policy assessments.

Governance:

Provide guidance to board, executives, and business units on information security and risk. Develop executive-level security updates and reports for governance purposes. Lead the development of information security policies, standards, and controls. Collaborate with Information Governance to meet privacy legislation requirements.

Operations:

Deliver council-wide information security training and awareness programs. Develop and test incident response plans and manage incidents effectively. Coordinate penetration tests, disaster recovery, and business continuity planning. Ensure vulnerability and patch management services meet service levels. Oversee and manage the effectiveness of MDR, SIEM, and SOAR services. Own security risk assessments for applications, infrastructure, and network architecture.

Understanding the Business:

Develop a deep understanding of council, partners and local businesses, where relevant. Keep abreast of industry, regulatory, statutory and contractual obligations.

Regulatory Requirements:

Ensure compliance with council policies and regulatory requirements, including but not limited to the PSN, DPST, CAF, PCI-DSS.

Experience needed:

Strong Cyber leadership credentials including experience of successfully driving the cyber security agenda in a complex matrixed organisation, preferably in a local government authority. Proven ability to shape and then successfully execute an enterprise-level cyber security strategy in both technical, policy and process areas. Demonstrable experience of use and implementation of cyber security frameworks and practices. Demonstrated capability to plan over short, medium and long-term timeframes and adjust plans and resource requirements accordingly, whilst ensuring alignment with desired outcomes and organisational risk appetite. Highly effective oral and written communication and an ability to provide clear and concise advice to senior management regarding cyber security. Excellent stakeholder influencing skills at a senior level, with proven ability to engage support across the organisation for the cyber agenda. A leadership style of leading from the front, ensuring visibility, effectively engaging and communicating to staff and delivery partners regarding the criticality of cyber security and risk management. Extensive experience of executing cyber security approaches which conform to standard patterns of good practice. An expert in IT Risk Management with practical experience of delivering risk and information system control management. Professional certifications such as CISM, CISSP, CISA as a minimum.

Why join The London Borough of Tower Hamlets?

As the Head of Cyber and Information Security, you will play a key role in championing the technology initiatives for security. You will play a crucial role in the management of compliance and statutory risks and take the lead on horizon scanning, as well as reactive and preventative security management. This is a great opportunity to shape high- impact programmes as well as make strategic decisions to modernise and protect public services.

This recruitment is being managed by our specialist IT recruitment partners Keystream. When you hit apply, you will need to send your CV and supporting statement outlining how you meet the criteria outlined in the person specification, to the consultants at Keystream. By hitting apply, you will automatically open a blank email, which once you have added your application and documents to, you will be sending directly to Keystream. If you have any difficulties, you can contact Keystream directly via

towerhamlets@key-stream.com

Our Benefits

Salary range of 84,459 to 92,332. Local Government Pension Scheme membership. Generous annual leave: 29 days, rising to 33 with 5+ years' service, plus bank holidays and 3 additional days at Christmas. Flexible and agile working to support work-life balance. Staff money-saving schemes (e.g., rent deposit loans, season ticket loans). Learning and development opportunities through our

Learning Academy

, with clear career development and leadership pathways.

About Tower Hamlets

Tower Hamlets is a truly unique borough at the heart of London - a place where history and innovation sit side by side. From the docks and markets that shaped the East End to the global business hub of Canary Wharf, we are proud to be one of the most dynamic, diverse, and ambitious communities in the UK. We are also one of the fastest growing and youngest boroughs in the country, offering unrivalled opportunities to make a real difference to people's lives. Our residents are energetic, creative, and resilient, and our council is committed to delivering the best possible services and opportunities for them.



Our award-winning new Town Hall in Whitechapel provides a modern, flexible workplace for our staff, right at the heart of the borough and directly opposite Whitechapel Tube and Elizabeth line station. It is more than just a workplace - it's a hub for collaboration, innovation and community, designed to bring out the best in our people.



As an employer, we put equality, diversity, and inclusion at the heart of everything we do. Our active Employee Network Groups celebrate and champion our workforce, helping to ensure that everyone feels a sense of belonging. Guided by our TOWER values - Together, Open, Willing, Excellent and Respect - we are building a positive, inclusive culture where colleagues can thrive.



At Tower Hamlets Council, you'll find exciting challenges, supportive colleagues, and the chance to shape one of London's most important and vibrant places. If you're looking for a role where you can see the impact of your work every day, then Tower Hamlets is the place for you.