Security and Information Risk Advisor (1152) - #137818

Dundee, Glasgow

Job Summary

Are you ready to drive effective information security risk management for a vital public service? Join us as a Security and Information Risk Advisor within the Digital Risk & Security branch of Social Security Scotland where your expertise will guide our commitment to protecting Social Security Scotland. If you are passionate about cyber security and have a keen interest in safeguarding critical information, apply now to join our talented team and take the next step in your career.

As a Security and Information Risk Advisor, you will play a pivotal role in providing advice and guidance on the effective specification, implementation, and operation of cyber security controls. Collaborating closely with various stakeholders, you will conduct security risk assessments, investigate breaches, and contribute to the development of information security policies, standards, and guidelines. This is a key position within Digital Risk & Security, focusing on ensuring compliance with legislation, regulation, and relevant standards.

DDaT Pay Supplement

This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDAT pay supplement, applicable after a 3 months competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.

Job Description

• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
• Obtain and act on vulnerability information and conducts security risk assessments and business impact analysis on complex information systems
• Investigate major breaches of security, and recommend appropriate control improvements
• Contribute to development of information security policy, standards and guidelines
• Interpret information assurance and security policies and apply these in order to manage risks
• Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines
• Use control testing information to support information assurance assessments
• Contribute to the development of policies, standards and guidelines
  
  

Additional Duties

• Liaison with and support of other Digital Risk and Security functions
• Management of problems and issues, resolutions, corrective actions, and lessons learned
• Collection and dissemination of relevant information and risk management advice
• Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships
• Supporting the assessment of third party suppliers’ control environments
• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
• Obtain and act on vulnerability information and conducts security risk assessments and business impact analysis on complex information systems
• Investigate major breaches of security, and recommend appropriate control improvements
• Contribute to development of information security policy, standards and guidelines
• Interpret information assurance and security policies and apply these in order to manage risks
• Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines
• Use control testing information to support information assurance assessments
• Contribute to the development of policies, standards and guidelines
  
  

Additional Duties

• Liaison with and support of other Digital Risk and Security functions
• Management of problems and issues, resolutions, corrective actions, and lessons learned
• Collection and dissemination of relevant information and risk management advice
• Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships
• Supporting the assessment of third party suppliers’ control environments
  
  

Person specification

Success Profiles

We use an assessment framework called ‘Success Profiles’ which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements

Essential Experience

• Demonstrable knowledge of technical, physical, procedural and personnel controls.
• Demonstrable evidence of being able to communicate effectively across organisational and technical boundaries.
  
  

Technical Skills

This role is aligned to Security and Information Risk Advisor within the Digital, Data and Technology Profession.

These skills will be tested during the Technical Assessment if you are successful at sift stage. They will be not be assessed at application stage. Please review the following to understand the skill expectations: Security and information risk - Information Assurance and Security: Security and information risk - gov.scot

Behaviours

• Seeing the big picture - Level 3
• Changing and improving - Level 3
• Communicating and influencing - Level 3
  
  

You can find out more about Success Profiles Behaviours, here: Success Profiles - Civil Service Behaviours (publishing.service.gov.uk) 

Annual Leave - You will receive 25 days annual leave on joining us. This will increase to 30 days after four full years of service. You will also have 11.5 public and privilege days of leave every year. We also offer Flexi-time. Any extra hours you've worked can be taken as leave when suitable.

A Civil Service Pension - This job comes with a Civil Service pension. New joiners to the Civil Service will join a career average pension scheme as standard. Read more here - www.civilservicepensionscheme.org.uk.

Healthy work life balance - We can offer the possibility of full-time, part-time, term-time, and job shares. We also encourage flexible working.

Discounts - You can enjoy a vast range of retail, travel and lifestyle discounts through our benefit scheme.

Personal support for you - Our Employee Assistance Programme gives you confidential, independent information and guidance 24/7.

Volunteering special leave - Up to six days paid special leave a year for volunteering. We support our staff to help causes important to them.

Great locations - Our bright and modern offices in the heart of Dundee and Glasgow have been designed with staff in mind. Both locations are ideal for public transport.

Selection process details

Expected Timeline (subject to change)

Sift - w/c 5th May

Interview – w/c 26th May

Location - In Person in either Dundee or Glasgow

To apply please submit an application form by clicking on the ‘Apply at Advertisers Site’ button.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This Job Is Broadly Open To The Following Groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
  
  

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job Contact :

• Name : Resourcing Team
• Email : [email protected]
  
  

Recruitment team

• Email : [email protected]
  
  

Further information

https://www.socialsecurity.gov.scot/jobs/how-to-make-a-great-application