Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

CISO

Nominet
Oxford
1 week ago
Create job alert

Overview

We’re Nominet – a world-leading domain name registry operating at the heart of the UK internet. While we're best known for running .UK domains, our DNS expertise also underpins critical internet infrastructure that government services, including the NHS, rely on.

As a public benefit company, our work has a positive impact on society. We’ve donated millions to projects that use technology to improve people’s lives and have committed to delivering £60m worth of support over the next three years.

The Role

The Role: We are looking for a Chief Information Security Officer to deliver an industry leading security posture at Nominet. This is a critical role with responsibility for all aspects of Information Security.

The role will ensure Nominet remains at the forefront of regulatory compliance and standards while delivering exceptional operational performance across the business. You will work with our engineering teams to help underpin and realise our ambition to become a world class software company. Protecting the Nominet from security threats and cyber risk is of paramount importance for a company running critical national infrastructure and this role is pivotal to upholding security standards through a period of business change.

Reporting to the CTO, the CISOis a key member of the extended leadership team whose purpose is to be an advocate for Nominet’stotal information security needs. The CISO is responsible for the development, direction, management and delivery of information security across the business both internally and externally. The role will encompass communications, applications and infrastructure, including the policies and procedures which apply across the company.

As CISO you will leadthe on-going development and implementation of a security program that involves all business teams. Leading information security governance to advise the senior leadership team and the executive team on security direction while ensuring risk management is managed effectively with appropriate policies and controls.

What You\'ll Be Doing

  • Support and drive Nominet’s ambitiontobecome a ‘World Class Software Company’
  • Functional Leadership
  • Deliver a Secure and Resilient business
  • Ensure security and resilience remains a priority in the delivery of Nominet’s group operations
  • Maintain a current understanding of the IT threat landscape for the industry
  • Enhance, develop and maintain key operational procedures with a standards-based approach for all security work, ensuring effective development and operational compliance to applicable recognised standards
  • Lead the security requirement inputs for key transformation projects
  • Operate as Nominet’sSecurity Ambassador both Internally & Externally – championing Nominet’s role in the industry
  • Develop and embed a security focused culture across the organisation. Communicate best practices and risks to all parts of the business. Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced
  • Brief the Board, Executive Team, senior management team and other key stakeholders on status and risks
  • Be a key partner to the CTO in helping to create strategy and process that will further the work of the organisation and ensure Nominet has the highest possible operational and technical security procedures in line with expectations of an operator of Critical National Infrastructure
  • Ensure Business Continuity
  • Ensure Business Continuity
  • Support New Business Development
  • Contribute to the development of key internet and security standards
  • Develop relationships with existing CERT and responder community, looking to proactively develop new ideas

About You

The criticality of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders and external partners. There is a balance to be found between security strategy,good practice and other priorities at an organisation wide level, e.g., project delivery with clear security guardrails. This position needs a proactive and enthusiastic team lead who is excited by managing technology to deliver world-class data support to the Nominet business.

Must Haves

  • 10 years+ experience working in an IT-Security role
  • 5 years+ in lead or management positions
  • A good understanding of Internet, DNS, threat analytics, networking and infrastructure technologies
  • In-depth knowledge of current security threats and issues as well as mitigation techniques
  • Skilled in policy debate and discussion
  • Experience working on committees and working groups with an ability to drive decisions through consensus
  • Digital leadership skills – capable of empowering and leading a security team to meet business and security goals
  • Solid people management skills – providing direction, monitoring performance, motivating staff and building a positive working environment
  • Ability to adapt to a fast-moving threat landscape and keep pace with latest thinking and new security technologies
  • Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
  • Strong customer focus – able to meet the demands of internal and external customers
  • Excellent communication skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
  • Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
  • Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
  • Proven experience with:
  • Developing and delivering security strategies ideally in the environment of critical national infrastructure
  • Working with Board and Executive level management
  • Developing compelling and impactful business cases and presentations
  • Experience with Cyber Essentials, ISO 27001/2 (or BSI equivalent) standards desirable
  • Previous government security clearance, e.g., SC/DV

Working at Nominet

Our people make things happen, but our values are our compass as a company, guiding our day-to-day work and building our culture. They reflect that we\'re strongest when we\'re proactive and pull together, while underlining the importance of a "glass half full" mindset and aiming to keep things simple for success.

What We Offer

  • Early Finish Friday – Working week of 34 hours with full-time pay. (Finish at midday on Friday)
  • 30 days of annual leave plus bank holidays, with the ability to purchase an additional 5 days
  • Bupa private healthcare + Employee Assistance Programme
  • Electric vehicle scheme with on-site charging points
  • Rewards platform with access to discounts at hundreds of shops, restaurants etc.
  • Medicash discounts on routine healthcare including optical, dental and much more
  • Company and individual performance-based annual bonus

Diversity Statement

We\'re passionate about creating a workplace where every individual is valued, respected, and empowered. Somewhere we can benefit from all forms of diversity and discover the true value in our differences. If there are any adjustments we could make to the recruitment and selection process to support you, please let us know

Security Statement

Nominet is committed to the safeguarding and welfare of the internet and expects all employees and volunteers to share this commitment by participating in the relevant security and screening processes. All roles working for Nominet will be subject to a Baseline Personnel Security Standard (BPSS) check. Some roles due to the nature of their work, will require additional security clearance.


#J-18808-Ljbffr

Related Jobs

View all jobs

CISO

CISO

CISO

Head of Event Marketing

Production IT Specialist

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Why Cyber Security Careers in the UK Are Becoming More Multidisciplinary

Cyber security used to be viewed primarily as a technical discipline: firewalls, encryption, intrusion detection, penetration testing. In the UK today, it’s far broader. Organisations now face complex legal frameworks, ethical dilemmas, human-behaviour risks, communication challenges & usability hurdles. This shift means cyber security careers are becoming more multidisciplinary. From protecting NHS patient records to defending financial services, securing supply chains & safeguarding national infrastructure, cyber security now touches every sector. Employers increasingly want professionals who understand law, ethics, psychology, linguistics & design alongside traditional technical skills. In this article, we’ll explore why UK cyber security careers are expanding in this way, how these five disciplines shape the profession, and what job-seekers & employers need to know to thrive in this new landscape.

Cyber Security Team Structures Explained: Who Does What in a Modern Cyber Security Department

Cyber security has become a top priority for UK organisations of all sizes. From small businesses to financial institutions, healthcare providers, and government bodies, the risk of cyber attack is now a constant concern. Threats are more sophisticated, regulations more demanding, and customers more aware of data privacy than ever before. But defending against cyber threats isn’t simply about having the right tools — it’s about having the right team. A modern cyber security department relies on clearly defined roles and responsibilities to ensure that defences are proactive, incidents are managed swiftly, and compliance is maintained. This article explains the structure of a modern cyber security team, the roles you’ll typically find within it, how they collaborate, and what skills, qualifications, and salaries are expected in the UK job market.

Why the UK Could Be the World’s Next Cyber Security Jobs Hub

Cyber security has become one of the defining challenges of the digital age. From protecting personal data and financial transactions to defending national infrastructure and corporate systems, the demand for strong cyber defences has never been higher. As businesses, governments, and individuals depend more heavily on digital services, the scale and sophistication of cyber threats have risen dramatically. Ransomware attacks, data breaches, state-sponsored cyber operations, and insider threats are now everyday risks. In response, organisations worldwide are investing heavily in cyber security talent. The United Kingdom is uniquely positioned to become a global cyber security jobs hub. With its strong tech sector, world-class universities, advanced defence capabilities, and established financial markets, the UK already has the foundations. The question is whether it can scale up, attract, and retain the right talent to meet global demand. This article explores why the UK is poised to become the world’s next cyber security jobs hub, the opportunities available, the challenges ahead, and what needs to happen for this vision to be realised.