Job description
We are currently seeking applications for Security and Information Risk Advisors based in Glasgow or Dundee. This is an exciting opportunity to lead on technical projects as the security representative. The post holder will provide pragmatic security and information assurance advice to a range of stakeholders including business areas and the wider Scottish public sector. A security qualification or professional security certification is desirable but relevant experience will be considered.
Social Security Scotland, an Executive Agency of the Scottish Government, is the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, delivering a social security system that will support the people of Scotland for decades to come. Due to the demands of this exciting programme of work, the Agency is currently experiencing rapid growth and we require more incredible digital, security and technology experts to join us, including Security Risk and Assurance Analyst's.
What do we offer you?
- Salary between £33120 - £37936
- Flexible working arrangements with potential of up to 4 days off per month.
- You will have an annual leave allowance of 5 weeks, rising to 6 weeks after 4 years. In addition, the Scottish Government observes 11½ days public and privilege holidays, dates of which are set annually.
- Workplace adjustments for everyone that needs them to ensure your comfort and safety in your new role.
- Learning and development opportunities to support your personal and professional growth.
- Career progression – join a rapidly growing and developing organisation with excellent opportunities for career advancement.
- Contributory Pension Scheme (employee contributions 5.45% employer contributions 27.1 - 27.9%).
- Health and wellbeing support including 24 hour access to our Employee Assistance Programme, plus counselling support available for all.
DDaT Pay Supplement
Flexible and Hybrid Working
Social Security Scotland is an Executive Agency of the Scottish Government.
Our benefits help people from all walks of life in Scotland. We are committed to recruiting a diverse workforce that is representative of the clients we serve.
Find out more about us here
Main Duties
- Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
- Obtain and act on vulnerability information and conducts security risk assessments and business impact analysis on complex information systems.
- Investigate major breaches of security, and recommend appropriate control improvements.
- Contribute to development of information security policy, standards and guidelines. Interpret information assurance and security policies and applies these in order to manage risks.
- Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
- Use control testing information to support information assurance assessments.
- Contribute to the development of policies, standards and guidelines.
Additional Duties
- Liaison with and support of other Digital Risk and Security functions.
- Management of problems and issues, resolutions, corrective actions, and lessons learned.
- Collection and dissemination of relevant information and risk management advice.
- Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships.
- Supporting the assessment of third party suppliers’ control environments.
Here are details of the Competencies required for this role and you will be tested against these competencies if you are invited to attend the interview/assessment:
Self Awareness- Communications and Engagement
- Improving Performance
- Analysis and Use of Evidence
- DDaT Technical Skill Assessment
To apply for this post, you will need to provide the information requested below via the online application process.
A CV (no longer than two pages) setting out your career history, with key responsibilities and achievements - this is accessed through the candidate profile.
A Personal Statement (no longer than 750 words) explaining why you consider your personal skills, qualities and experience suitable for this role, with particular reference to the essential criteria below.
1. Demonstrable evidence of being able to communicate effectively across organisational and technical boundaries
2. Demonstrable evidence of being able to plan, manage, estimate and report on a distinct piece of work
3. Demonstrable knowledge of technical, physical, procedural and personnel controls
4. Demonstrable knowledge of software, infrastructure components and IT services
When considering how your experience relates to the role, please tailor your CV and personal statement to reflect the role and the essential skills/criteria as described in the job description/person specification
When reviewing your application, we will be assessing your career history and achievements against the essential criteria for the role. We’re looking for examples of things you have previously achieved or your knowledge in a particular field which are relevant to the role.
In the event that further posts are required, a reserve list of successful candidates will be kept for up to 9 months.
The successful candidate will be expected to remain in post for a minimum of 2 years unless successful in gaining promotion to a higher Band or Grade
This post requires the successful candidate to clear additional National Security Vetting clearance before a start date can be offered.
DDaT Social Security Scotland - Further information - Security and Information Risk Advisor B2
Information Session:
We will be talking about:
- What a Security and Information Risk Advisor does
- What it's like working Social Security Scotland
- What our recruitment process looks like
- An opportunity to ask questions about our role
https://www.eventbrite.co.uk/e/information-session-for-b2-security-information-risk-adviser-tickets-594641106557
To learn more about this opportunity, please contact Glyn Edwards who can be reached at [email protected]
Further Information
Social Security Scotland’s recruitment processes are underpinned by the recruitment principles of the Civil Service Commissioner, which outline that selection for appointment be made on merit on the basis of fair and open competition - Recruitment - Civil Service Commission (independent.gov.uk)
If you feel at any time your application has not been treated in accordance with the values in the Civil Service Code and/or if you feel the recruitment has been conducted in such a way that conflicts with the Civil Service Commissioner’s Recruitment Principles, you can make a complaint, by contacting Social Security Scotland at [email protected] in the first instance. If you are not satisfied with the response you receive you can contact the Civil Service Commissioner.
If you experience any difficulties accessing our website or completing the online application form, please contact the Resourcing Team via [email protected]
#LI-DNI