Purpose of Role:

This position provides subject matter expertise with regard to cyber security standards and compliance requirements. Supports cyber security efforts, including the development and execution of programs promoting business unit compliance and awareness. Supports the design, implementation and maintenance of Group-wide Security standards, policies and control objectives. Reports to the IT Director.

Identifies existing and emerging statutory, regulatory, and contractual cyber requirements and develops strategy to incorporate/map required changes to digital security standards, policies and control objectives. Monitors and reports on compliance requirements and programs.

Identifies technical requirements and opportunities for improvements related to compliance, defense in depth, and best practices. Develops strategy, presents options and recommendations. Drives key projects, solution evaluation and implementation, including transfer to operations.

Evaluates and reports on information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of the BIS and the Smiths Group.

Smiths is the leading provider of security equipment to the US government, foreign governments, and commercial interests, including but not limited to DHS, FPS, TSA, CBP, USMS, USSS, Air Cargo shippers, and many others. It is important that the ISSO be aware of, and expert in, many levels of equipment offerings.
The ISSO must understand the nature of real-time embedded systems and software, as well as networks of systems and larger integrated systems that can be built from component systems.

Knowledge of standards applicable to the domain: ISO27001, DHS Management Directives (MDs), Information Technology (IT) Security Policies and Handbooks (e.g., DHS 4300A), as well as the procedures and tools to implement those policies.

Department Description:

The Information & Cyber Security function is responsible for ensuring the secure design and delivery of the enabling infrastructure in line with best practice, international standards, defense-in-depth, and compliance requirements.
Responsible for SDI cyber security principles, strategies, policies, guidelines, and control objectives.
Supports mandatory statutory, regulatory, and contractual cyber controls.
Responsible for promoting and supporting SDI cyber security and compliance awareness.
Responsible for maintaining availability, support and capacity across the core network and delivery of systems and application services.
Responsible for managing internal and external audits.

Team Description:

The Information/Cyber Security Team is part of the SDI business within the Smiths Group. It is our role to provide for the information security of Smiths assets and to make information security relevant, simple and transformational.
We support our colleagues in achieving their goals in a secure manner, maintaining confidentiality, integrity and availability.

Key Accountabilities or Duties:

Develop, implement and monitor a strategic, comprehensive security compliance management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by Smiths.
Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices.
Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
Ensure that security programs are in compliance with relevant laws, regulations and policies to minimise or eliminate risk and audit findings (e.g. NIST, ISO27001 and CESG 10 Steps).
Understand and interact with stakeholders to ensure the consistent application of policies and standards across all technology projects, systems and services.
Identify, develop and implement appropriate protective controls to protect Smiths from current and emerging Cyber Threats.
Provide Security thought leadership and support to the entire Information and Cyber Security Team and other stakeholders.