Security and Information Risk Advisor

Job Location

Glasgow - UK

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Are you ready to drive effective information security risk management for a vital public service? Join us as a Security and Information Risk Advisor within the Digital Risk & Security branch of Social Security Scotland, where your expertise will guide our commitment to protecting Social Security Scotland. If you are passionate about cyber security and have a keen interest in safeguarding critical information, apply now to join our talented team and take the next step in your career.

As a Security and Information Risk Advisor, you will play a pivotal role in providing advice and guidance on the effective specification, implementation and operation of cyber security controls. Collaborating closely with various stakeholders, you will conduct security risk assessments, investigate breaches and contribute to the development of information security policies, standards and guidelines. This is a key position within Digital Risk & Security, focusing on ensuring compliance with legislation, regulation and relevant standards.



Responsibilities

  • Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Obtain and act on vulnerability information and conduct security risk assessments and business impact analysis on complex information systems.
  • Investigate major breaches of security and recommend appropriate control improvements.
  • Contribute to development of information security policy, standards and guidelines.
  • Interpret information assurance and security policies and apply these in order to manage risks.
  • Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
  • Use control testing information to support information assurance assessments.
  • Contribute to the development of policies, standards and guidelines.

Additional duties

  • Liaison with and support of other Digital Risk and Security functions.
  • Management of problems and issues, resolutions, corrective actions and lessons learned.
  • Collection and dissemination of relevant information and risk management advice.
  • Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships.
  • Supporting the assessment of third-party suppliers' control environments.


Qualifications

Success Profiles
We use an assessment framework called Success Profiles, which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements.

Essential Experience
1. Demonstrable knowledge of technical, physical, procedural and personnel controls.
2. Demonstrable evidence of being able to communicate effectively across organisational and technical boundaries.

Technical skills
This role is aligned to Security and Information Risk Advisor within the Digital Data and Technology Profession.

These skills will be tested during the Technical Assessment if you are successful at sift stage. They will not be assessed at application stage. Please review the following to understand the skill expectations: Security and information risk Information Assurance and Security: Security and information risk

Behaviours
Seeing the big picture Level 3
Changing and improving Level 3
Communicating and influencing Level 3

You can find out more about Success Profiles Behaviours here: Success Profiles Civil Service Behaviours

How to apply
Apply online. You must provide a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet the skills, experience and behaviours listed in the Success Profiles above.

Your CV and Supporting Statement should clearly demonstrate how you meet the Experience and Behaviours required for the role as outlined in the Success Profile above. Be sure to provide specific examples of work that you've done that showcase your relevant skills, knowledge and experience.

In the event that we receive a high volume of applications, we may conduct an initial sift using the CV and Supporting Statement based on the first Experience criteria. Candidates who successfully pass this initial sift will have their applications fully assessed.

Candidates who are successful at sift stage will be invited to attend an Interview and Technical Assessment. The interview will further assess the Experience and Behaviours listed in the job advert and the Technical Assessment will evaluate the Technical Skills relevant to the role.

Candidates who pass the sift and are invited to the Interview and Technical Assessment stage will receive a Technical Assessment Candidate Pack which will outline the skills to be assessed and the assessment methods to be used.

Following the application sift there may be a telephone interview as part of the assessment process before the main interview.

We aim to provide feedback on request. However, if we receive a large number of applications, it may not be possible for us to provide specific feedback on your application. We will provide feedback on request to candidates who attend an interview/assessment.

Information Sessions
We are holding a candidate information session on Tuesday 29th May at 1.30-2.30pm for this role.

We will be talking about:
  • The Security and Information Risk Advisor role and the Digital Risk & Security team
  • About Social Security Scotland
  • Our recruitment process
  • Q&A with the hiring manager

Join us using the link below:

Join the meeting now

Expected Timeline (subject to change)
Sift: w/c 5th May
Interview: w/c 26th May
Location: In person in either Dundee or Glasgow

Reserve List
In the event that there are more successful candidates than posts available, a reserve list will be kept for up to 12 months.

As part of the UK Civil Service, we uphold the Civil Service Nationality Rules.

DDaT Pay Supplement
This post is part of the Scottish Government Digital Data and Technology (DDAT) profession and, as a member of the profession, you will join the professional development system. This post currently attracts a £5000 annual DDAT pay supplement applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.

Working pattern
Our standard hours are 35 hours per week and we offer a range of flexible working options depending on the needs of the role. We embrace a hybrid working style where all colleagues will spend time in either our Glasgow or Dundee offices. There is an expectation of a minimum 2 days per week in your assigned location, which will be either Glasgow or Dundee. If you have specific questions about the role you are applying for, please contact us.

Find out more about our commitment to diversity and how we offer and support recruitment adjustments for anyone who needs them.

Further information
This post requires the successful candidate to clear additional National Security Vetting clearance (Security Check) before a start date can be offered. Further information regarding National Security Vetting clearance can be found here: United Kingdom Security Vetting: Applicant

Read our Candidate Guide for further information on our recruitment and application processes.




Employment Type

Full-Time
