Job description
This role is to support the delivery of the Information Security Strategy across the BBC. Reporting to the Information Security Management Team, the candidate will be responsible for ensuring that data within the BBC is protected, in accordance with the needs of the business and according to Information Security principles of availability, integrity and confidentiality. It is also to provide advice and Security Consultancy to all areas of the BBC and its Third Party Partners.
Main Responsibilities- Support the ongoing development of information security delivery through the application of specialist knowledge and capability.
- Lead on the business relationships across the BBC, its 3rd party partners and suppliers; nurturing positive relationships to ensure constructive engagements.
- Provide pan-BBC security expertise and assistance to business areas and individuals on good practice and requirements, to ensure BBC Information is appropriately protected, providing constructive challenge and using persuasion and negotiation to drive policy compliance.
- Ensure knowledge and understanding keeps pace with the ever changing technologies and threats posed to the BBC.
- Plan, supervise and review workloads for officers / junior officer within the team undertaking appraisals of performance where appropriate.
- Provide day-to-day support and guidance to officers / junior officers and undertake line management of staff as required.
- Ensure that the officer workloads are managed in an equitable and efficient manner to meet any SLAs and deadlines agreed with the business and other Technology functions.
- Ensure knowledge transfer to other members of the Information Security team.
- Provide input into Information Security Bulletins on vulnerabilities that affect BBC Users and Divisions.
- Develop authoritative awareness materials and undertake Information Security briefs to staff at all levels from right across the BBC, including journalists, presenters, and managers responsible for strategy, who must fully understand the complex and ever-changing nature of the cyber-related risks they must counter.
- Report and escalate appropriately any identified risks or threats to BBC Data.
- Ensure guidelines for senior management are adopted.
- Act as an authoritative subject-matter expert: making recommendations to project teams, sponsors and senior management with regard to identified Information Security risks and formulating suitable recommendations and policies as required.
- Maintain high standards and reflect this through Information Security output.
- Facilitate the ongoing development of information security policy and processes.
- Produce regular management reports on the status of Information Security Tasks.
Essential for the role:
- Demonstrable broad-ranging and comprehensive knowledge of information security theory and practice.
- In-depth knowledge of relevant legislation, codes of practice, guidance and operating procedures.
- Proven track record of Information Security Delivery within the BBC.
- The ability to identify and solve varied problems by the application of a suite of complex tools and techniques.
- Highly effective and creative problem-solving skills, across a broad range of scenarios, that both deliver novel solutions and enable continual improvement in existing threat mitigation and counter measures.
- Ability to convey and explain complex technical information to non-technical staff.
- Ability to communicate and collaborate at all levels of the corporation, and externally.
- Demonstrable experience of writing information security reports, documentation and standards accurately and to designated timescales.
- Excellent written and verbal communication and presentation skills.
- Highly IT literate, able to work quickly and precisely on a variety of systems, often under pressure and to important deadlines.
- Confidence to make decisions where appropriate and to ask for assistance when necessary.
- Ability to manage multiple tasks and work streams effectively and prioritise accordingly.
- Be able to work on own initiative with minimal supervision.
- Agile & flexible.
Additional Desirables for Role;
- Previous experience of BBC or other Media organisations.
- An understanding of the culture and ethos of the BBC.
- View Security as an enabler to the business.
- Experience of working in an organisation with a distributed hierarchy and using multiple outsourced support companies.
- Understanding of how information security strategy aligns with business and technology strategies.
Qualifications:
- Formal information security qualifications such as CISSP, CISM, ISO27001 preferred but not essential.
We don’t focus simply on what we do – we also care how we do it. Our values and the way we behave are important to us. Please make sure you’ve read about our values and behaviours in the document attached below.
Diversity matters at the BBC. We have a working environment where we value and respect every individual's unique contribution, enabling all of our employees to thrive and achieve their full potential.
We want to attract the broadest range of talented people to be part of the BBC – whether that’s to contribute to our programming or our wide range of non-production roles. The more diverse our workforce, the better able we are to respond to and reflect our audiences in all their diversity.
We are committed to equality of opportunity and welcome applications from individuals, regardless of age, gender, ethnicity, disability, sexual orientation, gender identity, socio-economic background, religion and/or belief. We will consider flexible working requests for all roles, unless operational requirements prevent otherwise.
To find out more about Diversity and Inclusion at the BBC, please click here
Package Description
Band: D
Contract type: Permanent
Location: London or Salford
We’re happy to discuss flexible working. Please indicate your choice under the flexible working question in the application. There is no obligation to raise this at the application stage but if you wish to do so, you are welcome to. Flexible working will be part of the discussion at offer stage.
- Excellent career progression – the BBC offers great opportunities for employees to seek new challenges and work in different areas of the organisation.
- Unrivalled training and development opportunities – our in-house Academy hosts a wide range of internal and external courses and certification.
- Benefits- We offer a competitive salary package, a flexible 35-hour working week for work-life balance and 26 days (1 of which is a corporation day) with the option to buy an extra 5 days, a defined pension scheme and discounted dental, health care, gym and much more.
The situation regarding the coronavirus outbreak is developing quickly and the BBC is keen to continue to ensure the safety and wellbeing of people across the BBC, while continuing to protect our services. To reduce the risk access to BBC buildings is limited to those essential to our broadcast output. From Wednesday 18th March until further notice all assessments and interviews will be conducted remotely. For more information go to https://www.bbc.co.uk/careers/
Mae’r sefyllfa gyda’r coronafeirws yn datblygu’n gyflym, ac mae’r BBC yn awyddus i barhau i sicrhau diogelwch a lles pobl ar draws y BBC, gan barhau i warchod ein gwasanaethau hefyd. I leihau’r risg, dim ond y bobl sy’n hanfodol i’n hallbwn darlledu fydd yn cael mynediad i adeiladau’r BBC. O ddydd Mercher 18fed Mawrth ymlaen, bydd pob asesiad a chyfweliad yn cael ei gynnal o bell, nes rhoddir gwybod yn wahanol. I gael mwy o wybodaeth, ewch i https://www.bbc.co.uk/careers/