IT Director

• Provides robust and reliable technology platforms that enable the organisation to achieve its strategic objectives including operational maintenance.
• Ensures that new AI functionality introduce in core platforms and existing applications does not pose a risk to Ofcom data or systems.
• Manages cybersecurity across the estate, maintaining high standards of protection.
• Administers complex vendor contracts and outsource agreement for IT services ensuring maximum value and cost efficiency.
• Delivers comprehensive IT support services as required by the organisation.
• Provides rigorous operational financial management to ensure cloud and compute costs are minimised

The purpose and scope of the role

As IT Director you will be responsible for delivering efficient and secure infrastructure and technology support for Ofcom's complex regulatory environment. A hands-on Director, your responsibilities include:

• Provide end-to-end accountability for cyber security across the core Windows estate and critical enterprise platforms, including Salesforce, Workday and the corporate website, ensuring risks are proactively managed and controls remain effective.
• Lead the availability, resilience and performance of networks, infrastructure and platforms, ensuring services are reliable, scalable and able to meet organisational and regulatory requirements.
• Own service management for end-user computing, desktop and application support, ensuring services are delivered in line with agreed service levels and continuous improvement expectations.
• Manage complex supplier relationships across a multi-supplier environment, driving value for money, service quality and performance within a fixed and constrained budget.
• Lead financial management for technology operations, including cloud services, compute and associated running costs, maintaining strong cost control, transparency and forward planning.
• Oversee the operational maintenance, patching and lifecycle management of platforms and infrastructure, ensuring environments remain secure, supported and fit for purpose.
• Lead a team of onshore and offshore resource to deliver the service.
• Work in close partnership with Digital, Data and AI Director and team to ensure technology operations align with long-term business strategy, enabling the organisation to deliver its mission effectively and sustainably.

This role requires deep expertise in providing secure and trusted environments together with a hands-on approach

Your Key Responsibilities

End to end cyber security ownership

• Provide executive accountability and practical leadership for cyber security across the core Windows estate and critical enterprise platforms (Salesforce, Workday, corporate website). Set risk appetite, implement proportionate controls, and lead response to threats. Maintain a living risk register, drive remediation, and personally oversee high severity incidents. Leverage the Microsoft security stack to harden endpoints, identities, data and SaaS integrations.

ISO/IEC 27001 leadership

• Own the operational delivery of your domain and ensure alignment to ISO/IEC 27001. Keep the Statement of Applicability current; evidence control effectiveness, and drive non-conformance management. Prepare for surveillance/certification audits, coordinate internal audits/assurance, and ensure suppliers supporting AI/data/cloud services meet contractual and technical security obligations. Embed secure by design, change control, logging/monitoring, vulnerability management and BC/DR requirements into operational processes.

Network, infrastructure and platform resilience

• Lead the availability, resilience and performance of the network, infrastructure and platforms. Set and meet RTO/RPO targets; design and test failover and disaster recovery; oversee capacity/performance management and patch hygiene. Apply SRE/operational excellence practices to achieve reliable, scalable services that meet organisational and regulatory requirements.

Service management and user experience

• Own end user computing, main phone system, company mobile phones, desktop and application support with service management. Ensure incident, request, problem, change and release processes are disciplined and outcome focused. Uphold SLAs and drive continuous improvement through analytics, feedback and self-service. Maintain a modern Windows 11 build; manage configuration and compliance. This also includes service management for our contact centres.

Cloud platforms (with depth in Microsoft Azure)

• Provide leadership for cloud operations-primarily Azure. Ensure secure connectivity, identity architecture (Entra ID), password management, backup/recovery, cost controls and platform guardrails.

Microsoft estate expertise

• Serve as the executive owner for the Microsoft stack across identity, endpoint, collaboration and security. Set standards for conditional access, MFA, privileged access (PIM), device compliance, app protection policies, baseline hardening and tenant hygiene. Oversee Defender for Endpoint/Identity/Cloud/Office detections and response; tune Sentinel analytics/playbooks; govern Power Platform environments and manage lifecycle and sprawl.

Multi supplier/vendor management

• Manage a complex supplier ecosystem. Hold suppliers to account on KPIs/SLAs, security obligations (incl. ISO 27001 alignment), service quality and value for money within a fixed public sector budget. Negotiate commercially robust contracts and ensure exit/transition, supportability and knowledge transfer are embedded.

Financial management and FinOps

• Lead financial stewardship for technology operations: cloud services, compute, licensing and run costs. Work with Finance Business partner to control spend and forecast accurately, providing transparency to the PMB/Executive on cost drivers and benefits realisation.

Operational maintenance and lifecycle

• Responsible for patching and vulnerability remediation, asset/configuration management, and hardware/software lifecycle. Ensure secure configurations, certificate/key management, and robust backup/restore tests across on premise and cloud workloads.

24×7 service delivery leadership

• Lead a blended team of onshore colleagues, and offshore partners to deliver robust operations. Set rotas/major incident practices, ensure clear escalation paths, define RACI across internal teams and suppliers, and invest in capability (training, runbooks, automation). Foster a culture of accountability, inclusivity and high performance.

Leadership

• Provide visible leadership to IT operations team, setting clear direction and expectations for secure, resilient service delivery. They will build a high-performance culture based on accountability, collaboration and continuous improvement, actively engaging with the team on priorities, risks and incidents. Through inclusive leadership, clear communication and a strong focus on capability development, they will support colleagues to take ownership, manage complexity and deliver reliable outcomes at pace.

Collaboration with Digital, Data and AI Team

• Partner closely with Digital, Data and AI Director to align operations with long term strategy. Provide secure, well governed platforms for analytics and AI (data governance, privacy by design, access control, model hosting/monitoring), and ensure technology choices accelerate delivery of organisational outcomes.

Risk, compliance and assurance

• Providing clear reports for PMB, Risk and Audit/Board committees. Ensure compliance with relevant public sector guidance and regulatory obligations. Run regular exercises (tabletop, red/blue team, DR tests) and drive remediation to closure.

Continuous improvement and automation

• Champion automation and adopt metrics driven improvement. Celebrate early wins and scale proven practices across teams and suppliers.

• Hands-on experience in IT leadership roles within complex organisations with tight budgets.
• Deep understanding of IT governance, risk management, and compliance frameworks.
• Demonstrated ability to manage complex large-scale IT budgets, contracts, and vendor relationships.
• Proven track record in developing and executing IT strategies and digital transformation initiatives.
• Proven track record of enterprise architecture, cloud computing, cybersecurity, and emerging technologies
• Experience of Microsoft infrastructures essential.
• Salesforce and Workday highly desirable.
• Experience in leading multidisciplinary teams and managing change.
• Experience of negotiating highly complex vendor relationships and associated contracts.

Qualifications

• Bachelor's or Master's degree in Computer Science, Software Engineering, or related field.
• Extensive experience in IT infrastructure provision in regulated environments with strong cyber security. Significant senior leadership experience.

Behaviours

• Strategic thinker with a results-driven mindset.
• Collaborative and able to influence at all levels.
• Adaptable to change and promotes innovation.

Inclusivity Statement

Ofcom has a clear mission: to make communications work for everyone. To be able to deliver on this, we want our organisation to reflect the diversity of background, experience, upbringing and thought that exists across the UK. We aim to recruit from the widest pool of candidates possible - no matter your social background, age, ethnicity, sexual orientation, gender, or disability. We also warmly welcome applicants who are returning to the workforce after a break - for whatever reason. If you have taken time away and are ready to rejoin, we look forward to reviewing your application.

About Ofcom As the UK's communications regulator, we're delivering vital work that helps keep the UK connected and shapes the future of how we'll stay connected with each other. Our work covers everything from phones and broadband, through to TV, radio, the postal service, and wireless devices. We're also taking on the challenge of making the online world a safer place. And we need people of all backgrounds, skill sets, and experiences to help us achieve our goal of making communications work for everyone. About the team you'll be part of You will join a forward-looking complex regulatory organisation, committed to shaping the future of its technology. You will be leading a team that