Are you ready to drive effective information security risk management for a vital public service? Join us as a Security and Information Risk Advisor within the Digital Risk & Security branch of Social Security Scotland where your expertise will guide our commitment to protecting Social Security Scotland. If you are passionate about cyber security and have a keen interest in safeguarding critical information, apply now to join our talented team and take the next step in your career.
As a Security and Information Risk Advisor, you will play a pivotal role in providing advice and guidance on the effective specification, implementation, and operation of cyber security controls. Collaborating closely with various stakeholders, you will conduct security risk assessments, investigate breaches, and contribute to the development of information security policies, standards, and guidelines. This is a key position within Digital Risk & Security, focusing on ensuring compliance with legislation, regulation, and relevant standards.
Responsibilities
* Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
* Obtain and act on vulnerability information and conduct security risk assessments and business impact analysis on complex information systems.
* Investigate major breaches of security, and recommend appropriate control improvements.
* Contribute to development of information security policy, standards and guidelines.
* Interpret information assurance and security policies and apply these in order to manage risks.
* Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
* Use control testing information to support information assurance assessments.
* Contribute to the development of policies, standards and guidelines.
Additional duties
* Liaison with and support of other Digital Risk and Security functions.
* Management of problems and issues, resolutions, corrective actions, and lessons learned.
* Collection and dissemination of relevant information and risk management advice.
* Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships.
* Supporting the assessment of third party suppliers’ control environments.
Essential Experience
1. Demonstrable knowledge of technical, physical, procedural and personnel controls.
2. Demonstrable evidence of being able to communicate effectively across organisational and technical boundaries.
Technical skills
This role is aligned to Security and Information Risk Advisor within the Digital, Data and Technology Profession.
Behaviours
* Seeing the big picture - Level 3
* Changing and improving - Level 3
* Communicating and influencing - Level 3
How to apply
Apply online. You must provide a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet the skills, experience and behaviours listed in the Success Profiles above.
Your CV and Supporting Statement should clearly demonstrate how you meet the Experience and Behaviours required for the role as outlined in the Success Profile above. Be sure to provide specific examples of work that you’ve done that showcase your relevant skills, knowledge and experience.
Candidates who are successful at sift stage will be invited to attend an Interview and Technical Assessment. The interview will further assess the Experience and Behaviours listed in the job advert and the Technical Assessment will evaluate the Technical Skills relevant to the role.
Expected Timeline (subject to change)
Sift - w/c 5th May
Interview - w/c 26th May
Location - In Person in either Dundee or Glasgow
Reserve List
In the event that there are more successful candidates than posts available, a reserve list will be kept for up to 12 months.
About us
Social Security Scotland is an Executive Agency of the Scottish Government. Our benefits help people from all walks of life in Scotland. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles. We are committed to recruiting a diverse workforce that is representative of the clients we serve.
We offer a supportive and inclusive working environment along with a wide range of employee benefits.
As part of the UK Civil Service, we uphold the Civil Service Nationality Rules.
DDaT Pay Supplement
This post is part of the Scottish Government Digital, Data and Technology (DDaT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDaT pay supplement, applicable after a 3-month competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and a review is currently underway. Changes will be communicated when the review is concluded.
Working pattern
Our standard hours are 35 hours per week and we offer a range of flexible working options, depending on the needs of the role. We embrace a hybrid working style where all colleagues will spend time in either our Glasgow or Dundee offices. There is an expectation of a minimum 2 days per week in your assigned location, which will be either Glasgow or Dundee.
Equality Statement
Social Security Scotland are committed to equality and inclusion, and we aim to recruit a diverse workforce that reflects the population of our nation.
Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post.
Further information
This post requires the successful candidate to clear additional National Security Vetting clearance (Security Check) before a start date can be offered.
The successful candidate will be expected to remain in post for a minimum of 3 years unless successful in gaining promotion to a higher Band or Grade.
Apply before: 6th May 2025 at 23:55