Subscribe

Search Museum Next

Information and Cyber Security Manager

  • Organisation:National Museum Cardiff
  • Location:Cardiff, Wales
  • Salary:£33,191.01 – £40,682.87 per annum
  • Contract type:Permanent / Full-Time

Main purpose of the role…

To protect the Museum’s information, data, network and systems, ensuring that they remain secure. The Information and Cyber Security Manager will make the Museum a model of good practice, will be committed to continuous improvement, take the lead on IT security matters and provide a focal point for all information and cyber security queries.

What you will do…

  • Be involved in the monitoring of all IT operations, systems and infrastructure using tools such as SIEM and NAC.
  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
  • Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
  • To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken.
  • To advise AC-NMW on all aspects of information security, governance and data management.
  • To develop and maintain the information security policy and accompanying standards, procedures and guidance to ensure that current legislation and policies regarding confidentiality, accessibility and integrity are firmly embedded.
  • Develop and implement information governance standards within the organisation to support compliance with current legislation, standards and directives.
  • To develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed.
  • To promote cyber security awareness by developing and implementing a security awareness and training programme to staff at all levels.
  • Produce reports for the Senior Management Team (SMT) Digital Management Group (DMG), Information Asset Owners (IAOs) and the Senior Information Risk Owner (SIRO) and others as required
  • Work with external stakeholders and information security groups including Wales Government, Information Commissioner’s Office, Wales Audit Office, internal auditors and Accreditor organisations and others as required to improve and adopt current information security standards.
  • Manage the Cyber Essentials plus/IASME and GDPR annual accreditation processes
  • Keep abreast of emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies
  • As a term of your employment you may be required to undertake such other duties and/or times of work as may reasonably be required of you, commensurate with your grade or general level of responsibility within the organization.

What you will achieve…

  • On-going compliance of the Museum’s information systems with the relevant legislation and data protection regulations.
  • Staff awareness of their obligations with regard to information security and the processing of personal data.
  • Secure Museum IT systems, protected from infrastructure and data breaches.

How you will achieve this…

  • By supporting the departmental vision, Digital Strategy, and the AC 10-year goals, through technology, skills and IT systems.

How you will support Amgueddfa Cymru’s corporate objectives…

  • To participate actively in supporting the principles and practice of equality of opportunity as laid down in Amgueddfa Cymru’s Equality & Diversity Policy.
  • To support the department’s compliance with Amgueddfa Cymru’s policies on Sustainability and the Welsh language.
  • To take reasonable care for the health and safety of yourself and other persons who may be affected by your acts or omissions and to comply with all health and safety legislation as appropriate.

We are looking for people who…

  • Is a motivated individual with a keen interest in IT security.
  • Works well in a team of technical people.
  • Has integrity and a strong drive to preserve privacy and discretion

The knowledge and qualifications you will need…

  • Certifications such as CISSP, GSEC, CEH or CISM desirable.
  • An understanding of cyber security best practices and how to implement them on a business-wide level.
  • Thorough understanding of the Data Protection Act, the General Data Protection Regulations, the Freedom of Information Act and other related legislation, standards and codes of practice.
  • Good working knowledge of information risk assessment and management.

The experience you will need…

  • At least 2 years’ experience in a cyber and/or data security environment.
  • Information security management standards including Cyber Essentials Plus/IASME or ISO/IEC 27001.

The skills you will need…

  • Ability to present technical solutions to a variety of audiences and communicate effectively with all stakeholders.
  • A keen eye for detail and willingness to see processes through.
  • The ability to speak Welsh is desirable.
  • Have the ability to prioritise projects.
  • Comfortable working in a fast-paced environment.
  • To be a logical thinker with the ability to solve complex problems.

What we care about….

We encourage all of our staff to demonstrate our organisational values in their dayto-day role. The successful candidate will need to demonstrate how they live these values in their current work and life.

Creativity: We inspire creativity through our museums, collections and the skills of our staff and volunteers.
Responsibility: We are responsible towards each other, our visitors, the environment and the Welsh language, caring for each other’s well-being as well as the national collections.
Integrity: We act with integrity at all times, maintaining professional standards by being honest and trustworthy.
Equity: Our museums are inclusive, and we respect the diversity of both our staff and visitors.
Collaboration: We work collaboratively, with each other, with communities and with local, national and international partners.

Application Closing Date: 10 July 2022

Subscribe to the latest museum thinking

Fresh ideas from museums around the globe in your inbox each week