The primary responsibility of this cyber role is to review third party suppliers and products, such as SAAS applications. This role will also include occasional involvement in the review of IT systems, services, and applications developed or purchased by the department, identifying any security issues, design flaws, and making security recommendations in line with industry security best practices and the HMG Security Policy Framework. Supported by our technical teams, architects, and engineers, you will provide high-quality cyber security advice and guidance across all matters relating to proposed digital services, applications, and suppliers.
As a Cyber Assurance Risk Advisor, you’ll:
1. Analyse security requirements, taking account of both internal and external guidance, policy, and regulations.
2. Assist with developing and promoting information security policies to achieve security outcomes within a defined scope and in line with cross-government policies and the new GovAssure service.
3. Assist with designing and implementing security awareness campaigns.
4. Be part of the assurance process, identifying security threats, vulnerabilities, and hazards to the department’s suppliers, systems, services, or processes to inform risk assessments and design of security features.
5. Use your increasing knowledge and expertise in assurance to make decisions on the levels of risk the Department is being exposed to and recommendations of how to remediate these within particular systems, suppliers, applications, or services.
6. Support and conduct cyber security risk assessments, cyber security audits, and cyber security incident management.
7. Support cyber security operations processes in accordance with organisational policies and standards and business requirements.
8. Assist in managing contracts, suppliers, or services related to cyber security.
9. Work with other teams to help them create services that are secure by design.
10. Promote good cyber security practices across the Department and support product teams to ensure their services continue to be secure as they are run and updated to meet new business requirements.
#J-18808-Ljbffr