Warning
This job advert has expired and applications have closed.
ICT Information Security Officer
| Posting date: | 06 March 2025 |
|---|---|
| Salary: | £37,523 to £44,766 per year |
| Additional salary information: | Civil Service Pension Scheme |
| Hours: | Full time |
| Closing date: | 24 March 2025 |
| Location: | CF99 1SN |
| Remote working: | Hybrid - work remotely up to 4 days per week |
| Company: | Senedd Cymru (Welsh Parliament) |
| Job type: | Permanent |
| Job reference: | SC-052-24 |
Summary
As an ICT Information Security Officer at the Senedd, you will be at the forefront of our efforts to maintain a secure and compliant digital environment. Working as part of the Cyber Security team and closely collaborating with the Applications Management and Information Governance teams, you will play a pivotal role in supporting the Microsoft 365 (M365) security and compliance applications. This includes administering the relevant portals, ensuring that all security protocols are effectively implemented and maintained.
Your expertise will be crucial in safeguarding our digital infrastructure and ensuring compliance with relevant regulations. You will also work alongside the Applications Management team to integrate security measures into our application development processes, ensuring that our systems are secure.
This position offers a unique opportunity to make a significant impact on the security posture of the Senedd. You will be part of a dynamic and inclusive Cyber Security team that values innovation and continuous improvement. If you are passionate about cyber security compliance and looking for a challenging and rewarding role, we encourage you to apply.
- Administer and manage the M365 security and compliance stack of applications, including but not limited to, Microsoft Purview, Defender and eDiscovery.
- Implement tools to classify and label data based on sensitivity and compliance requirements. Ensure that all data is appropriately protected and managed according to regulatory standards.
- Support the Senedd’s ICT security activities, ensuring that all known and new threats are appropriately controlled and that the organisation is suitably equipped to respond to this changing threat.
- Work closely with the Senedd’s Information Governance Team (part of the Legal Service) to support the creation and implementation of relevant policies, strengthen risk management activities and effect process improvement.
- Collaborate with the applications development team to ensure security measures are integrated into application development processes.
- Support the development of AI-powered analytics and reporting tools to provide deeper insights into compliance data.
- Manage various aspects of the security and compliance portal, ensuring that security protocols are effectively implemented and maintained.
- Provide specialist professional advice, guidance, and independent critical analysis to drive the ICT security programme.
- Provide clear advice and guidance to Senedd Members and Senior Managers regarding the regulatory and technical controls needed to assure the Senedd’s information assets are properly protected
- Assist with the day to day operations of the Cyber Security team
Job Specific criteria:
1. Hands-on experience of administrating the M365 security and compliance stack, using tools such as Microsoft Purview, Defender, and eDiscovery.
2. Detailed understanding and experience of cyber security principles. Relevant experience of managing risk to ensure flexible and workable solutions appropriate to the organisation’s requirements.
3. Proven experience of articulating complex and technical topics to all levels of the business.
Desirable criteria:
1. Recognised security industry qualifications in cyber security and/or information governance.
2. Implementation and management of digital sensitivity/retention labelling.
Your expertise will be crucial in safeguarding our digital infrastructure and ensuring compliance with relevant regulations. You will also work alongside the Applications Management team to integrate security measures into our application development processes, ensuring that our systems are secure.
This position offers a unique opportunity to make a significant impact on the security posture of the Senedd. You will be part of a dynamic and inclusive Cyber Security team that values innovation and continuous improvement. If you are passionate about cyber security compliance and looking for a challenging and rewarding role, we encourage you to apply.
- Administer and manage the M365 security and compliance stack of applications, including but not limited to, Microsoft Purview, Defender and eDiscovery.
- Implement tools to classify and label data based on sensitivity and compliance requirements. Ensure that all data is appropriately protected and managed according to regulatory standards.
- Support the Senedd’s ICT security activities, ensuring that all known and new threats are appropriately controlled and that the organisation is suitably equipped to respond to this changing threat.
- Work closely with the Senedd’s Information Governance Team (part of the Legal Service) to support the creation and implementation of relevant policies, strengthen risk management activities and effect process improvement.
- Collaborate with the applications development team to ensure security measures are integrated into application development processes.
- Support the development of AI-powered analytics and reporting tools to provide deeper insights into compliance data.
- Manage various aspects of the security and compliance portal, ensuring that security protocols are effectively implemented and maintained.
- Provide specialist professional advice, guidance, and independent critical analysis to drive the ICT security programme.
- Provide clear advice and guidance to Senedd Members and Senior Managers regarding the regulatory and technical controls needed to assure the Senedd’s information assets are properly protected
- Assist with the day to day operations of the Cyber Security team
Job Specific criteria:
1. Hands-on experience of administrating the M365 security and compliance stack, using tools such as Microsoft Purview, Defender, and eDiscovery.
2. Detailed understanding and experience of cyber security principles. Relevant experience of managing risk to ensure flexible and workable solutions appropriate to the organisation’s requirements.
3. Proven experience of articulating complex and technical topics to all levels of the business.
Desirable criteria:
1. Recognised security industry qualifications in cyber security and/or information governance.
2. Implementation and management of digital sensitivity/retention labelling.
Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.