Share this Job

Information Security Officer

Date: 07-Jan-2022

Location: Oxford, GB, OX4 4DQ

Company: Nominet


Our name may not be familiar, but you probably use our services every single day – ever visited a website ending in a .uk?

We’ve been running the national internet namespace for a quarter of a century, sitting proudly at the heart of the UK's critical digital infrastructure.  

Such a responsibility requires world-leading cyber security and we’re gaining a reputation for our innovative new security solutions, protecting our own systems and beyond. 

But we’re also a Public Benefit business. We invest in making a positive impact of the lives that are being most disrupted in our digital age: young people. We’re known as one of the UK’s leading ‘tech for good’ funders and the commitment to building a connected, secure and inclusive digital future drives everything we do. It’s not just rhetoric – ask our staff. 


At Nominet you can expect a competitive salary (depending on experience of course), plus excellent benefits including 30 days holidays, Healthcare, Pension Scheme, Life Assurance, Wellbeing allowance, Remote Working,  Flex benefits and much much more.




Do you have real interest and enthusiasm for information security? Do you want to help safeguard infrastructure and data systems that are at the heart of the internet? We have an opportunity to join Nominet’s information security team in a role that covers broad aspects of security and with real scope to help shape future security operations, bringing fresh and exciting ideas to the role. Security and resilience are top priorities, as Nominet systems are integral to the continued operations of the internet.


As Information Security Officer you will combine your knowledge of the security landscape and the tools which are used to monitor and mitigate against cyber threats, to provide insight and assurance of Nominet’s security risks. You will have responsibility for managing Security Operations which includes a small team and ongoing contracts with third parties.




  • Accountable for the maintenance and further development of security monitoring of Nominet infrastructure and data systems.
  • Working with the CISO in maintaining ISO27001, setting security strategy and policy
  • Working on various initiatives to promote a positive security culture with all staff and key stakeholders
  • Providing advice and insight to broader cyber security issues affecting Nominet
  • Responsible for the analysis and reporting on a wide variety of security data to provide situational awareness and trends in behaviours. Data sources include access logs, DNS data, intrusion detection systems and syslogs.
  • Responsible for assessments of security issues and making decisions on operational matters
  • Responsible for conducting security risk assessments on a wide variety of topics including IT systems and architecture, development processes and IT operations.
  • Provide guidance and recommendations on principles of security architecture such as Cloud, access control and end device management
  • Deputise for the CISO when required such as responding to audits, legal and compliance requirements or project sign-off.
  • Incident response to vulnerabilities found or active security incidents.
  • Identify and research future security initiatives to protect Nominet and its customers.
  • Communication of security issues, describing technical and non-technical findings in a way to suit your audience




  • You will have a strong interest in information security and emerging threats, as well as experience with the tools and processes used in an Information Security Management System.
  • Ability to lead a team and manage relationships with suppliers to maintain an operational function
  • Experience of analysing data such as system logs, firewall logs, Intrusion detection systems and access logs. Experience of using a SIEM is desirable but not essential
  • Understanding of network protocols and experience in analysis tools such as Wireshark
  • Ability to analyse complex data, make informed decisions and communicate effectively to the relevant audience
  • Understanding of security processes including vulnerability management, cyber threat monitoring and risk management processes
  • Security qualification such as CISMP, CISSP, CISM or degree in a computing-related or other numerate subject desirable but not essential

Job Segment: Information Security, Cloud, Technology