Job summary
�
Reporting into the Head of Cyber Security you will hold a pivotal role within the ICO responsible for critical areas of Technical Security, security by design, delivery of key security projects and engagements whilst imparting your specialist knowledge and expertise to your colleagues.
�
The Information Commissioner�s Office (ICO) is the independent regulator of information rights. In a data-driven world, we provide advice, guidance, and support to organisations enabling compliance with their obligations, as well as protecting individuals and their personal data.�
As an employer, we are passionate about making a positive difference to the lives and careers of our people, and we empower you to be curious, impactful, collaborative and respectful.�
Job description
Focused on key areas of technical security, security by design, security engagement for new development and system changes, staff education and ensuring the adherence to corporate policies, controls, and industry best practices.
As an experienced Security Consultant, you will lead and deliver technical security engagements across the ICO providing security requirements, advice and guidance, technical leadership and oversight of security controls for all new developments, or technical changes to existing systems or services.
As part of the Cyber Security team, you will provide technical expertise and practical experience to drive ICO policies and education, and to deliver appropriate and proportionate direction, on technical security issues and challenges. Including the creation and updating of technical baseline security standards.
�
Key Responsibilities
1. Ownership of secure by design principles and guidance.
2. Delivery of technical security requirements.
3. Project and change security governance.
4. Technical security collaboration both internally to the ICO and with external partners
5. Technical security KPI�s
6. Leadership and management of cross function security engagement
�
�
Person specification
Essential criteria assessed at application stage:
�
7. An experienced information security consultant with CISSP in good standing. Or equivalent proven level of experience, accumulated through a combination of academic or vocational qualifications and in role experience.
8. Minimum of 2 years� experience in a similar role
9. Experience of defining and refining security controls and standards
10. Proven experience of implementing or reviewing technical security controls
11. Experience of delivering cross organisation security change, with the ability to influence and guide both technical and non-technical colleagues, through policies and in best practices.
12. Knowledge of Cloud security, microservices, Azure or AWS technical security experience and strong knowledge of the shared responsibility security model
�
�
Essential criteria assessed during interview:
�
13. An experienced information security consultant with CISSP in good standing. Or equivalent proven level of experience, accumulated through a combination of academic or vocational qualifications and in role experience.
14. Minimum of 2 years� experience in a similar role
15. Experience of defining and refining security controls and standards
16. Proven experience of implementing or reviewing technical security controls
17. Experience of delivering cross organisation security change, with the ability to influence and guide both technical and non-technical colleagues, through policies and in best practices.
18. Knowledge of Cloud security, microservices, Azure or AWS technical security experience and strong knowledge of the shared responsibility security model
19. Self-motivated and dynamic with the skills to identify issues and willingness to own remediations.
20. Excellent verbal, communication, and interpersonal skills with people at all levels
Benefits
Alongside your salary of �66,154, Information Commissioner's Office contributes �19,164 towards you being a member of the Civil Service Defined Benefit Pension scheme. Please visit for full details, including salary and benefits.