Cyber Resilience & INFOSEC Lead

Corporate Resources and Business Improvement

The Resources and Business Improvement directorate is led by Dianne Tranmer. It is responsible for: People Function, Facilities Management, Digital Experience Unit and Technology Group, Information Governance, Executive Support Team and leadership of all our shared services across the GLA Group.

About the team

This is a new role and forms part of a new structure and need at the GLA. It reports into the Director of Live Service, and initially part of a service team of 3.

About the role

To act as the strategic owner and senior security authority SME) for the GLA’s cyber security, information assurance and shared ICT services security posture. The role is required to address increasing cyber risk, assurance expectations, regulatory obligations, and the operational realities of a shared service model with Transport for London (TfL). It will provide sustained leadership, assurance and subject‑matter expertise beyond purely technical cyber functions, embedding cyber resilience, education and risk awareness across the organisation.

What your day will look like

• Review any security incidents reported and respond accordingly
• Deliver updates to the SLT on weekly, monthly dashboards reporting on tactical and strategic issues and opportunities
• Respond to any requests to work abroad requests
• Provide input into any project requests to provide any impact to Cyber stance
• Review and update any changes to policy following NCSC or other guidance
• Create, deliver proactive training updates via webinar, lunch and learn, core brief, media, comms

Skills, knowledge and experience

• Strong experience in cyber security management within a complex or shared‑service environment.
• Demonstrable understanding of NCSC principles, ISO 27001, and public‑sector security frameworks.
• Experience managing suppliers and outsourced security services.
• Ability to translate technical risks into business‑focused advice.
• Strong communication and stakeholder‑management skills.
• Creation and delivery of Security and Cyber strategies and operational assurance plans.

To be considered for the role you must meet the following essential criteria:

• CISM (Certified Information Security Manager)
• CISSP (Security & governance domains)
• ISO 27001 Lead Implementer / Lead Auditor
• Knowledge of SIEM/SOC environments
• Threat detection & vulnerability management
• Business continuity / disaster recovery

Desirable

• Exposure to smart city / data-sharing ecosystems
• Regulatory experience: UK GDPR + public sector frameworks
• Technical grounding: Architecture + cloud security awareness

Behavioural Competencies

• Leading & Influencing (communication, stakeholders)
• Delivering Results (execution, pragmatism)
• Thinking & Judgement (risk, strategy, ethics)
• Working Together (collaboration, partnerships)

The GLA Competency Framework Guidelines further detailing each competency and the different level indicators can be found here: GLA Competency Framework

How to apply

If you would like to apply for the role you will need to submit the following:

• Up to date CV
• Personal statement with a maximum of 1500 words. Please ensure you address how you demonstrate the essential criteria outlined above in the advert.

Please ensure your CV and Personal Statement have a maximum file size of 1.5MB each and upload your Personal Statement to the ‘CV and Cover Letters’ section’ of the form, ensuring you address the technical requirements and competencies in your Personal Statement.

Word or PDF format preferred and do not include any photographs or images. Please ensure your CV and Personal Statement are saved with the job reference number as part of the naming convention (E.g., “CV – applicant name - 012345)

As part of GLA’s continuing commitment to be an inclusive and equal opportunity employer we will be removing personal identifiable information from CVs and Personal Statements that could cause discrimination.

We may close this advert early if we receive a high volume of suitable applications.

If you have questions about the role

If you wish to talk to someone about the role, the hiring manager, Kieran Murphy would be happy to speak to you. Please contact them at Kieran.Murphy@london.gov.uk

If you have any questions about the recruitment process, contact the glaopdcrecruitment@tfl.gov.uk who support the GLA with recruitment.

This role DOES NOT meet the criteria for sponsorship for external candidates. It may meet the criteria for sponsorship for some internal candidates, in limited circumstances. Please contact the hiring manager if you wish to discuss this further.

Assessment process

All applicants should be eligible to pass DBS and / or BPSS checks and requirements. Check your eligibility here: DBS eligibility guidance - GOV.UK or United Kingdom Security Vetting: Applicant - GOV.UK

If shortlisted for interview – this is a two-stage process. 1st interview will involve a technical test lasting 10 minutes- These six questions will be used as part of the assessment process and suitability for the second stage, approximately one week after the initial interview.

Closing date for applications is Monday 22 June at 23:59:00.

Once you have submitted an application, your details will be reviewed by a panel.

If shortlisted, you’ll be invited to an interview/assessment.

The interview/assessment date is: Week commencing the 06th of July for 1st stage, 2nd Stage – Final Interviews Week commencing 20th July (may be subject to change)

Equality, diversity and inclusion

London's diversity is its biggest asset, and we strive to ensure our workforce reflects London's diversity at all levels. We welcome applications from everyone regardless of age, gender, gender identity, gender expression, ethnicity, sexual orientation, faith or disability.

We particularly encourage applications from Black, Asian and Minority ethnic candidates and disabled candidates who are currently underrepresented in our workforce.

We are committed to being an inclusive employer and we are happy to consider flexible working arrangements. We would welcome applications from candidates who are seeking part time work as this role is open to job share.

Please note we are a Disability Confident Employer so for candidates who wish to be considered under the scheme and meet the essential criteria, they will automatically be invited to interview. Please note, should you require any adjustments through the process, we will accommodate as much as possible. Please contact the recruitment team for further information if required.

Benefits

GLA staff are hybrid working up to 3 days a week in our offices and remotely depending on their role. As part of this, you will need to split your time between home working and coming into the office.

In addition to a good salary package, you will be paid every four weeks, providing frequent salary payments. We also offer an attractive range of benefits including 30 days’ annual leave, interest free season ticket loan, interest free bicycle loan and a career average pension scheme.

Additional Information

Please note, all candidates will need to confirm that the information provided in this application form is true and correct. Should a candidate deliberately give false information, including the use of AI software, they understand that this would disqualify them from consideration.

Successful candidates must undergo a criminal record (DBS) check, but some roles may require additional security screening.

More Support

If you have a disability which makes submitting an online application form difficult, please contact resourcingteam@london.gov.uk.