Contents Location About the job Benefits Things you need to know Apply and further information Location Dundee, Glasgow About the job Job summary As a Security and Information Risk Advisor, you will play a key role in providing expert guidance on implementing robust cyber security measures to ensure the integrity, availability, authenticity, and confidentiality of critical information. Collaborating with the Security Risk and Assurance Manager, you will monitor compliance, conduct risk assessments, and work with Security Architects and the Chief Digital Office to identify vulnerabilities and strengthen security protocols. If you have a solid understanding of cyber security and a passion for digital risk management, this position offers a chance to contribute to Social Security Scotland's mission, ensuring secure services for the public while advancing your career and making a community impact. DDaT Pay Supplement This post attracts a £5000 Digital, Data and Technology (DDaT) pay supplement after a 3 months DDaT competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review. This post is part of the Scottish Government DDaT profession. As a member of the profession you will join the professional development system, currently BCS RoleModelplus. Job description Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Obtain and act on vulnerability information and conducts security risk assessments and business impact analysis on complex information systems. Investigate major breaches of security, and recommend appropriate control improvements. Contribute to development of information security policy, standards and guidelines. Interpret information assurance and security policies and applies these in order to manage risks. Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines. Use control testing information to support information assurance assessments. Contribute to the development of policies, standards and guidelines. Additional duties : Liaison with and support of other Digital Risk and Security functions. Management of problems and issues, resolutions, corrective actions, and lessons learned. Collection and dissemination of relevant information and risk management advice. Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships. Supporting the assessment of third party suppliers control environments. Person specification Success Profile We use an assessment framework called Success Profiles which lists the elements we test and provides detailed descriptions of each. Find out more about how we assess the Success Profile elements. Essential Experience Demonstrable knowledge of technical, physical, procedural and personnel controls. Behaviours We'll assess you against these behaviours during the selection process: Changing & Improving Demonstrable evidence of being able to communicate effectively across organisational and technical boundaries (Level 2) Seeing the Bigger Picture - Demonstrable evidence of being able to plan, manage, estimate and report on a distinct piece of work (Level 2) Technical skills This role is aligned to Security and Information Risk Advisor within the Cyber Security and Information Assurance DDaT job family. Please review the following to understand the skill expectations here. We'll assess you against the following technical skills during the selection process: Analysis (Relevant skill level: working). At this level you: - Are able to apply the approach to real problems and consider all relevant information. - Apply appropriate rigour to ensure a full solution is designed and achieves the business outcome. Communicating between the technical and non-technical (Relevant skill level: expert). At this level you: - Are able to mediate and mend relationships, communicating with stakeholders at all levels. - Are able to manage stakeholders expectations and facilitate discussions across high risk or complex topics, or under constrained timescales. - Are able to speak and represent the community to large audiences inside and outside of government. Enabling and informing risk-based decisions (Relevant skill level: practitioner). At this level you: - Work with higher impact or more complex risks. - Advise on the impact of these and whether this is within risk tolerance. - Are able to apply different risk methodologies in proportion to the risk in question. Specific security technology and understanding (Relevant skill level: working). At this level you: - Have knowledge of system architectures. - Are able to understand and articulate the impact of vulnerabilities on existing and future designs and systems, and are able to articulate a response. - Have broad knowledge of a range of systems but may specialise in one. Benefits Annual Leave - You will receive 25 days annual leave on joining us. This will increase to 30 days after four full years of service. You will also have 11.5 public and privilege days of leave every year. We also offer Flexi-time. Any extra hours you've worked can be taken as leave when suitable. A Civil Service Pension - This job comes with a Civil Service pension. New joiners to the Civil Service will join a career average pension scheme as standard. Read more here - www.civilservicepensionscheme.org.uk. Healthy work life balance - We can offer the possibility of full-time, part-time, term-time, and job shares. We also encourage flexible working. Discounts - You can enjoy a vast range of retail, travel and lifestyle discounts through our benefit scheme. Personal support for you - Our Employee Assistance Programme gives you confidential, independent information and guidance 24/7. Volunteering special leave - Up to six days paid special leave a year for volunteering. We support our staff to help causes important to them. Great locations - Our bright and modern offices in the heart of Dundee and Glasgow have been designed with staff in mind. Both locations are ideal for public transport. Things you need to know Selection process details Expected Timeline (subject to change) Sift w/c 9th December Interview w/c 6th January Location in person Dundee or Glasgow To apply please submit an application form by clicking on the Apply at Advertisers Site button. Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window). See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements This job is broadly open to the following groups: UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). Apply and further information This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window). Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job contact : Name : Resourcing Team Email : recruitmentsocialsecurity.gov.scot Telephone : 08001577194 Recruitment team Email : recruitmentsocialsecurity.gov.scot Further information https://www.socialsecurity.gov.scot/jobs/how-to-make-a-great-application Apply at advertiser's site Share this page Print Email Facebook Twitter LinkedIn GMail