Skip to main content
Job ID Date Posted Location
1900IF 06/25/2019 Maidenhead
Work Location Job Type Contract Type
Maidenhead Office (Star House) Professional Full-time
Hours Per Week Shift Pattern Closing Date
37.5 Standard N/A

At Three, our goal is to be the best loved brand by our people and customers by 2021 by being Customer Driven, Agile and Collaborative in the way we work. To enable this, our Tech and Ops Transformation will help to ensure end-to-end ownership and clear accountabilities, as well as our competitiveness as a business through our Centres of Excellence.

We are on an exciting journey of technology and business transformation embarking on the 1st Telco cloud based operating systems and leading the development of new standards and processes. We are looking for security professionals with strong technology compliance knowledge and a strong understanding of technology deployment but importantly experts who can ensure we have the best security processes and frameworks within the industry.

In order to provide support and stability to our new technology, we are looking for a senior security compliance to lead and mature
 a centre of excellence that ensures the delivery of compliance against industry standards frameworks. You will lead the review or manages third party reviewers in support of audit of Technology and Operations activities and identify areas of risk and specify interrogation programmes to ensure a safe, secure and effective operation, whist consulting with the business on all aspects of security.

This is a fantastic opportunity to be part of our new operating model, supporting with the setting up and maturing of our new centre of excellence. We have never had this type of focus on Operations before, and this role is a real opportunity to help bring to life how operations can drive the value directly back to Three, with involvement in the process from the start.

This role is accountable for leading the Technology & Operations specific organisational procedures for the internal or third-party assessment of an activity, process, product or service, against recognised criteria and standards

Accountable for the development of plans for review of management systems, including the review of implementation and use of standards and the effectiveness of operational and process controls. 

Accountable within Technology and Operations for the independent assessment of the conformity of any activity, process, deliverable, product or service to the criteria of specified standards, best practice, or other documented requirements 
Planning cycle for this role is annual to support audit activities

  • Authorises the issue of formal reports to management on the extent of compliance of systems with standards, regulations and/or legislation. 
  • Manages the review, conducts the review or manages third party reviewers in support of audit of Technology and Operations activities and identifies areas of risk and specifies interrogation programmes. 
  • Ensures clear and comprehensive security architecture standards are in place: IT Security architecture principles are defined, documented (in the form of blueprints, designs, diagrams, tables and models), regularly reviewed and updated, providing guidance to partners. 
  • Owns the repository of standards which provides guidance to employees: ensuring processes are defined, documented and available for employee use to minimise dependence on individuals and empowering employees to learn and develop their understanding and skills. 
  • Leads the teams that own the security process to ensure Three collects and provides law enforcement officials with intercepted communications of private individuals or organizations. This is a legally sanctioned official access to private communications. 
  • Leads the teams that ensure that the policy and standards for security administration are fit for purpose, current and are correctly implemented. 

  • Demonstrable experience of leading large scale delivery of compliance against industry standards frameworks, e.g. NIST SP800-53, ISO27001, Cyber Essentials  
  • Industry or academic credentials in security or risk management, e.g. CISM, CISSP or relevant graduate degree  
  • Requirement to be security cleared/clearable to DV level as part of role. 
  • Leadership and managerial experience at a senior level demonstrating strong stakeholder relationship management.  
  • The ability to bring thought leadership to their area, decompose problems, collaborate, deliver sound decision making and communicate effectively. 
  • Proven ability to develop, coach and motivate people, recognise gaps and build plans to develop capability. Experience in building empowered, trusted teams.  
  • Has clear experience of their domain with knowledge of technologies, frameworks and standards and how to successfully apply these, through improvement roadmaps, to drive incremental maturity improvements and outcomes. 
  • Understanding of marketing led / consumer brands and the importance of customer experience. 
  • An ability to work in a service orientated environment and the importance of this in product development. Will understand the end to end workings of our business and the impact of key trading and operational decisions 
  • Ability to advise on and support the creation of strategies and visions with a proven record of translating these into operational plans that maintain a people and customer experience focus.  
  • Ability to adapt plans to changing needs. 
  • A background on using insight and tracking performance to enable quality decision making, and will be able to articulate the benefits or drawbacks of such decisions 
  • Proven record of working in an ambiguous, fast paced delivery environment showing an ability to handle ambiguity and differing speeds of change.  
  • Comfortable with problem solving without knowing all the answers. 
  • Experience of working across multi domains to take a more enterprise wide view. 
  • Will have clear experience of working in a role managing complex operations and changes whilst being accountable for their budgets and value realisation.  
  • Will have solid financial acumen. 
  • Background of working in a heavily partnered environment where delivery success is highly reliant on the capabilities of our partners and our ability to support and deliver those outcomes together. 
For this role, candidates should also demonstrate: 
  • Out of hours availability required for this role  
  • Professional Business Continuity certification, e.g. BCM Practitioner or ISO22301 Certified accreditation.  
  • Sound understanding of security control standards such as ISO27001 

Can’t find the job you’re looking for?