Job Description .buttontext1967aeac1bf131b4 a{ border: 1px solid transparent; } .buttontext1967aeac1bf131b4 a: focus{ border: 1px dashed #757575 !important; outline: none !important; }
.buttontextf4a8494fbc44c17a a{ border: 1px solid transparent; } .buttontextf4a8494fbc44c17a a: focus{ border: 1px dashed #757575 !important; outline: none !important; }
Job Requisition ID: 46798
Job Closing Date: Monday 29 June 2026
.buttontext711b5c6132c23abe a{ border: 1px solid transparent; } .buttontext711b5c6132c23abe a: focus{ border: 1px dashed #757575 !important; outline: none !important; }
HOW TO APPLY
The BBC has engaged an executive search firm, Christoph Zeiss Partners (Heads! International), to manage the selection process for this role. Please be aware that your application will be managed by Christoph Zeiss Partners, who will have access to your CV and personal details for the purpose of this vacancy only.
Should you want any further information about the role, or to speak with someone, please contact Richard Prentice of CZ Partners, at the following email address:
[email protected]
JOB DETAILS
JOB BAND: SL (Senior Leader)
CONTRACT TYPE: Permanent / Full Time
DEPARTMENT: Media Tech Group
LOCATION: Any UK hub (London, Cardiff, Salford, Newcastle, Glasgow) with hybrid working
PURPOSE OF THE ROLE
The BBC is seeking an exceptional Chief Information Security Officer (Cyber, Risk and Resilience) to build and lead a truly integrated enterprise resilience capability during a period of significant Product and Technology transformation.
As the BBC undertakes a major operating model transformation, the CISO function is being repositioned to reflect a progressive and forward-looking approach which brings together cyber security, technology resilience, service availability, business continuity, disaster recovery, supplier risk management and systemic technology risk within a single strategic framework. The CISO will define the vision, set enterprise standards and guardrails, provide independent challenge to key decisions, surface risk and resilience trade-offs, and ensure that resilience is designed into products, platforms and services from inception.
The role is accountable for ensuring that the BBC can continue to deliver its most critical public services in the face of cyber threats, technology failures, supplier disruption, infrastructure outages and other systemic risks, and for creating a culture in which risk is explicit, understood and actively considered in strategic and operational decision-making. Working closely with executive leadership and the Board, the CISO will ensure that material risks are identified, prioritised, transparently articulated and appropriately owned across the enterprise.
WHY JOIN THE TEAM
You will lead an established, visible group-wide function at a pivotal moment for the BBC. The role combines public purpose, Board-level influence and genuine enterprise impact, shaping how the BBC protects its audiences, people, journalism, platforms, and critical services, while enabling ambitious product and technology change.
This is a unique opportunity for a leader who thrives on enterprise accountability, values constructive challenge and is passionate about building resilience as a strategic business capability.
YOUR KEY RESPONSIBILITIES AND IMPACT
Define and lead the enterprise Cyber, Risk and Resilience strategy across Media Technology, ensuring alignment with Group Product & Technology priorities and broader organisational objectives, while partnering with business leaders to embed resilience into critical services and strategic outcomes.
Own the enterprise cyber security strategy, threat posture and resilience roadmap, ensuring the organisation can anticipate, withstand, respond to and recover from cyber, technology and operational disruption.
Establish enterprise-wide security, resilience and risk management frameworks, standards and governance across cloud, on-premise, broadcast and emerging technology environments.
Define and maintain the enterprise resilience model, including service criticality classifications, resilience-by-design principles, recovery objectives and disaster recovery capabilities across complex and interconnected technology estates.
Provide executive oversight of systemic technology and operational risks, including legacy technology exposure, cloud concentration risk, supply chain dependencies and emerging threats.
Ensure security and resilience standards are consistently applied across the organisation, with all exceptions, residual risks and control gaps formally assessed, understood and governed through appropriate executive and Board-level forums.
Lead the articulation of enterprise risk trade-offs where resilience, cost, innovation and delivery priorities intersect, ensuring decisions are informed by risk appetite and organisational objectives.
Own the enterprise cyber, risk and resilience reporting agenda, providing transparent insight, assurance and recommendations to the Executive Committee, Audit & Risk Committee and Board.
Act as the organisation’s senior authority on cyber security, technology resilience and systemic risk, providing independent challenge and strategic counsel to executive leadership.
YOUR SKILLS AND EXPERIENCE
ESSENTIAL CRITERIA:
Track record of building and leading high-performing Cyber, Risk and Resilience functions spanning cyber security, security architecture, security operations, resilience, risk management and compliance.
Demonstrable in-depth experience of leading enterprise business continuity, disaster recovery and resilience capabilities, and of the associated industry standards and regulatory expectations.
Experience as an organisation’s senior authority on cyber risk, resilience and survivability, ensuring risk-informed decision-making at the highest levels of the organisation.
Ability lead on external coordination with national authorities, regulators, government bodies and key suppliers during incidents, risk events and periods of national disruption.
Ability to develop Cyber, Risk and Resilience as an organisational skill domain, providing inspirational leadership and supporting career development and talent retention.
Evidence of ability to provide thought leadership on emerging threats, industry trends, technology innovation and regulatory developments, ensuring forward-thinking leadership continually positions the organisation to meet future challenges.
A skilled senior leader able to enable operating models, foster collaboration across functions, and establish a culture of explicit risk ownership, informed decision-making and accountability.
If you can bring some of these skills and experience, along with transferable strengths, we’d love to hear from you, and encourage you to apply.
Being a leader at the BBC means putting the organisation’s interest, goals and values first, ahead of individual team or function needs. The characteristics of an enterprise leader are: Focuses on outcomes over activity, adapts quickly, and simplifies complexity. They balance short-term actions with long-term impact, take full accountability for actions and decision-making, and prioritise capability development to create teams fit for the future.
Before your start date, you may need to disclose any unspent convictions or police charges, in line with our Contracts of Employment policy. This allows us to discuss any support you may need and assess any risks. Failure to disclose may result in the withdrawal of your offer.
.buttontext5e59931b164f1563 a{ border: 1px solid transparent; } .buttontext5e59931b164f1563 a: focus{ border: 1px dashed #24d7d8 !important; outline: none !important; }
Disclaimer
This job description is a written statement of the essential characteristics of the job, with its principal accountabilities, incorporating a note of the skills, knowledge and experience required for a satisfactory level of performance. This is not intended to be a complete, detailed account of all aspects of the duties involved.
Please note: If you were to be offered this role, the BBC will conduct Employment screening checks which include Reference checks; Eligibility to work checks; and if applicable to the role, Safeguarding and Adverse media/Social media checks. Any offer made is conditional on these checks being satisfactory.
Before your start date, you may need to disclose any unspent convictions or police charges, in line with our Recruitment policy. This allows us to discuss any support you may need and assess any risks. Failure to disclose may result in the withdrawal of your offer.
For any general queries, please contact: [email protected]
We are unable to accept applications via CV and only applications made online will be considered. Please click on the APPLY NOW button to proceed with your application.
.buttontext1ad93fa97229140d a{ border: 1px solid transparent; } .buttontext1ad93fa97229140d a: focus{ border: 1px dashed #24d7d8 !important; outline: none !important; }
Redeployment
The BBC is committed to redeploying employees seeking suitable alternative employment within the BBC and they will be given priority consideration ahead of other applicants. Priority consideration means for those employees seeking redeployment their application will be considered alongside anyone else at risk of redundancy, prior to any individuals being considered who are not at risk.
