Information Security Officer

Job description

Contract Terms

Starting salary: PO3 (£45,750 – £ 49,056) – PO4 (£49,056 – £52,194)
Work location: Hybrid 
Hours per week: 36 per week, full time 
Contract type: Permanent  
Closing date: Sunday, 22nd February 2026
Expected interview date: w/c 9th March 2026

About Haringey

Haringey is a fantastic place to live and work – the world in one borough. A place brimming with creativity, personality, radicalism, and community. It is a place where we stand up for each other. A place that is proudly distinctive. We’ll be celebrating all this and more as the “rebel borough” when we are the 2027 London Borough of Culture.

Our history champions change-makers and everyday rebels; revelling in our differences, battling discrimination, championing equality, and doing things our own way. Haringey’s people are a huge asset, with knowledge, expertise, and passion. Our staff members embody our organisational values: Caring, Creative, Courageous, Collaborative and Community-focused. These values keep us looking forward, ambitious for the future, and continuously striving to do our very best for all of our residents.

About the Role

This is an exciting opportunity to join Haringey Council as an Information Security Officer, playing a vital role in protecting the council’s digital infrastructure and ensuring the security, confidentiality, and integrity of our information systems. Working at the heart of our Digital and Change service, you will support a modern, cloud based organisation that uses Microsoft 365, Teams, and Windows 11 to deliver services across the borough.

You will work on everything from investigating security incidents and inappropriate system use to conducting risk assessments, assessing compliance, reviewing security controls, and supporting our ISO27001 Information Security Management System. You will also contribute to major council initiatives including our expanding project portfolio, increased data driven working, and the rollout of modern workplace tools across the organisation.

As a key member of the Incident Response team, you will translate complex technical information into business friendly language for senior leaders. You’ll also play an active part in raising cybersecurity awareness across the council, helping colleagues build good security habits that carry through both their professional and personal digital lives.

About the Team

You will join a small but highly skilled Information Security function within our wider Digital Services team. Digital Services has grown significantly over the last two years to support increased project demand, system modernisation, and data driven decision making. With this growth comes a heightened need for strong, proactive security oversight—which is where you come in.

Reporting to the Security & Compliance Manager, you’ll collaborate closely with colleagues across all areas of Digital Services, from apprentices and analysts to senior technical leads, and work directly with the Chief Executive, Councillors, service managers, and external partners. We foster a supportive environment built on continuous improvement, knowledge sharing, and professional development.

About You

You’re someone who combines technical expertise with strong communication skills and a passion for improving cybersecurity across an organisation.
You will bring:
• Experience in an information security role (typically at least two years), with a solid understanding of governance, risk, and compliance.
• Good knowledge of ISO27001—ideally with hands on involvement in maintaining or auditing an ISMS. If you don’t yet hold a qualification, we’re prepared to support you through formal training.
• Awareness of the Cyber Assessment Framework (CAF) or a willingness to learn, as we continue our CAF journey with MHCLG.
• Confidence investigating security incidents, assessing risks, and applying technical and procedural controls in a modern Microsoft cloud environment.
• A clear and practical understanding of GDPR / Data Protection Act 2018 and how to support services in maintaining compliance.
• Strong skills in O365 applications for reporting, manipulating data, and presenting insights to stakeholders.
• The ability to engage and influence colleagues at all levels—helping them understand what secure behaviour looks like and why it matters.
• A proactive mindset, attention to detail, and the ability to work independently when required, operating at SFIA Level 4 (Enable).
Qualifications such as CISSP, CISM, or CSSLP are welcome but not essential—we value experience, potential, and a commitment to continuous learning.

Working for Haringey

At Haringey Council we are committed to creating a workplace culture where all our people feel valued, included, and able to be their best at work, and we recognise the benefits of a diverse workforce so welcome applications from all ethnicities and communities so that we continue to make a difference to our residents and community.

Our benefits package includes a leave entitlement of 31 days + bank holidays, potential hybrid working opportunities, health and wellbeing support, a generous local government pension scheme and a range of discount schemes across leisure and culture that provide both financial and money-saving discounts.
Please note: we reserve the right to end this advert before the noted deadline if we receive sufficient applications. If you wish to apply for this role, please ensure that you do so as soon as possible.

Additionally, we are aware that automated emails may be diverted through to junk email folders. Please continue to check these through the application process. If you have any questions about the status of your application, please contact ResourcingHub@haringey.gov.uk