Menu

Cyber Risk & Compliance Lead

Job details
Posting date: 17 June 2024
Hours: Full time
Closing date: 17 July 2024
Location: Edinburgh, EH12 5HD
Company: Reed Talent Solutions
Job type: Permanent
Job reference: RPO03264-298829

Apply for this job

Summary

Cyber Risk & Compliance Lead
12 Month FTC
Edinburgh/Hybrid
£61,626 - £72,684

Everything we do at the Scottish Funding Council (SFC) aims to create the right environment for colleges and universities to thrive.

The Scottish Funding Council is Scotland’s tertiary education and research authority. Our ambition is to make Scotland an outstanding place to learn, educate, research, and innovate – now and for the future. So, naturally, we have a clear focus on recruiting the best people and developing them throughout their career. We invest around £2 billion every year, and our funding enables colleges and universities to provide life-changing opportunities for over half a million people. 

We’re not only looking for the best people to come and work for us, but also people who will connect with our guiding principles which include working in partnership, championing diversity, and supporting sustainability for future generations.

By fostering our guiding principles, we are very proud of the inclusive working environment that we have created. We are committed to attracting people of all backgrounds: we want our colleague base to reflect the people and communities that we serve.

Job Summary

As the Cyber Risk & Compliance Lead at the Scottish Funding Council, you will champion our cybersecurity initiatives, ensuring the protection of our operations, data and technologies in alignment with UK-specific cybersecurity standards and frameworks. This role is critical in maintaining the SFC’s reputation for excellence and integrity in the funding of education and research across Scotland.

Key Responsibilities

  • Develop and implement a cyber risk management framework tailored to the specific needs and challenges of the SFC, focusing on the protection of financial data, personal information of students and staff, and sensitive research data.
  • Ensure full compliance with Scottish and UK data protection laws, as well as adherence to specific regulations relevant to our organisation and our internal and external audit obligations.
  • Collaborate closely with academic institutions, research bodies, and government agencies to align cyber security practices and foster a culture of shared responsibility and leading practices in data protection and risk management.
  • Lead the review and enhancement of policies, procedures, and controls governing data security, risk assessment, and compliance within the funding council’s operations.
  • Conduct targeted cyber risk assessments and compliance audits, providing strategic insights and recommendations to the SFC’s senior management and governing board.
  • Act as a principal advisor on cyber security matters, offering expert guidance to support the council’s strategic initiatives in funding education and research.
  • Stay abreast of emerging cyber threats and advancements in cyber security technologies and practices, ensuring the SFC remains proactive and responsive in its cyber risk and compliance strategies.

Person specification

It is important through your CV / Cover Letter that you give evidence of proven experience of each of the following essential criteria:

Essential Requirements:

  • Proven track record in cybersecurity risk management, with a strong understanding of the UK cybersecurity landscape, including Cyber Essentials, ISO 27001 frameworks.
  • Familiarity with the NCSC’s guidelines and recommendations for public sector organisations.
  • Experience in managing cybersecurity compliance projects within the UK, including the attainment of Cyber Essentials certification.
  • Leadership experience with the ability to mentor a team and drive cybersecurity awareness across an organisation.
  • Excellent communication and influencing skills, capable of engaging effectively with a range of stakeholders on complex cybersecurity issues to ensure change is adopted and sustained.

Professional Certifications:

  • Holding or working towards UK-recognized cybersecurity certifications, such as those offered by CREST or Cyber Essentials Plus, is highly desirable.
  • Additional certifications such as CISSP, CISM, or ISO 27001 Lead Auditor/Implementer would be beneficial.

Additional information

Location
SFC offers hybrid working for its employees. This means that whilst the role is based at our Edinburgh office, there is substantial opportunity to work from home most of the time. As a rule of thumb SFC expects that a minimum of three days a month in the office (on average) will achieve the benefits of its hybrid approach, however this could be negotiated after initial period. Please be aware that this role can only be worked from within the UK and not overseas. Relocation expenses are not available.

Key Rewards and Benefits

  • Normal full-time hours of work are 35 per week. We will consider flexible working arrangements. A flexi-time system is in operation.
  • Annual leave entitlement of 26.5 days pro-rata, rising to 30 days pro-rata after 4 years’ continuous service. Public and privilege holiday entitlement of 11.5 days pro-rata.
  • A flexible approach to hybrid working, giving you flexibility to work from home for some of the time while also maintaining regular in-person contact with colleagues.
  • Annual pay review: approved within the framework of the Scottish Government’s Public Sector Pay Policy and negotiated with our recognised trade union, Unite. Salaries are reviewed annually in April for employees who commence employment prior to 1 October in the preceding year.
  • Eligibility to join the Civil Service Pension Scheme. With its low member contribution rates and generous employer contributions, this gives you a secure, inflation-proof pension for life with no investment uncertainty. Details of contribution rates together with further details of the pension benefits are available on the Civil Service Pensions website. There is also the option of a Partnership pension account.
  • Support for continuous professional development.
  • Support for health and wellbeing, including generous occupational sick pay, free access to confidential advice and support through our 24/7 Employee Assistance Programme, Special Leave (paid and unpaid), a contribution to learning outside work through our Lifelong Learning Fund, free winter flu vaccination, and access to occupational health support.
  • Support for travel to and from work, including a salary sacrifice cycle loan scheme, cycle storage and shower facilities, an interest-free loan for bus or rail season tickets and free office car parking for employees on a first-come basis.

The Selection Process

How to Apply:
To apply, please send your CV and cover letter. The selection panel will use this evidence to assess your application against the selection criteria in the Person Specification section above. It is not mandatory to provide a cover letter but it can be beneficial to provide further evidence of your suitability against the essential skills. In your CV please also set out your educational and professional qualifications, and career history, with key responsibilities, dates and achievements. Please provide reasons for any gaps.

Expected Timeline:
Your application will be reviewed by a Reed Recruitment Specialist who may invite you to an initial telephone screening call. The call will last up to 30 minutes, giving you an opportunity to discuss your relevant experience, the role and The Scottish Funding Council in more detail.

Should you application be progressed, the selection panel will assess your application by considering the evidence you have provided in your CV / Cover Letter. Please ensure your application demonstrates how you meet the criteria in the Person Specification for the role. The selection panel will then select the shortlist of candidates to take forward to interview stage.


Pre-Employment Checks:
As part of our pre-employment process, we will ask you to provide relevant documentation to show that you are eligible to work in the UK and a Basic Disclosure Scotland certificate. You must be eligible to work in the UK to apply for this role; we do not offer sponsorships. We also take up references as part of this process. Expenses will be reimbursed for Basic Disclosure check. This will only be requested if you are appointed into the role.


Disability Confident:
If you need any adjustments to support your application, such as information in alternative formats, please contact us and we’ll do everything we can to help. If you’re eligible under the Disability Confident Scheme please give details when prompted at the appropriate stage in the online application process.

Proud member of the Disability Confident employer scheme

Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.

Apply for this job

« Return to the search results