Security and Information Risk Advisor
| Posting date: | 17 April 2025 |
|---|---|
| Salary: | £36,944 to £42,244 per year |
| Additional salary information: | (e.g. plus a £5000 Digital, Data and Technology (DDaT) pay supplement after a 3 month qualifying period) |
| Hours: | Full time |
| Closing date: | 06 May 2025 |
| Location: | Glasgow, Dundee |
| Remote working: | Hybrid - remote working up to 3 days a week |
| Company: | Scottish Government |
| Job type: | Permanent |
| Job reference: | 1152 |

Summary
Salary - £36,944 - £42,244 (plus, a £5,000 Digital, Data and Technology (DDaT) pay supplement after a 3-month qualifying period)
Location - Dundee or Glasgow
Hours - 35 hours per week
Closing Date - Tuesday 6th May 2025 at 23:55
Reference - 1152
Employment Type - Permanent
Overview
Are you ready to drive effective information security risk management for a vital public service? Join us as a Security and Information Risk Advisor within the Digital Risk & Security branch of Social Security Scotland where your expertise will guide our commitment to protecting Social Security Scotland. If you are passionate about cyber security and have a keen interest in safeguarding critical information, apply now to join our talented team and take the next step in your career.
As a Security and Information Risk Advisor, you will play a pivotal role in providing advice and guidance on the effective specification, implementation, and operation of cyber security controls. Collaborating closely with various stakeholders, you will conduct security risk assessments, investigate breaches, and contribute to the development of information security policies, standards, and guidelines. This is a key position within Digital Risk & Security, focusing on ensuring compliance with legislation, regulation, and relevant standards.
DDaT Pay Supplement
This post is part of the Scottish Government Digital, Data and Technology (DDaT) profession and, as a member of the profession, you will join the professional development system. This post currently attracts a £5,000 annual DDaT pay supplement, applicable after a 3-month competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.
Main Duties
• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Obtain and act on vulnerability information and conduct security risk assessments and business impact analysis on complex information systems.
• Investigate major breaches of security, and recommend appropriate control improvements.
• Contribute to development of information security policy, standards and guidelines.
• Interpret information assurance and security policies and apply these in order to manage risks.
• Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
• Use control testing information to support information assurance assessments.
• Contribute to the development of policies, standards and guidelines.
Additional duties
• Liaison with and support of other Digital Risk and Security functions.
• Management of problems and issues, resolutions, corrective actions, and lessons learned.
• Collection and dissemination of relevant information and risk management advice.
• Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships.
• Supporting the assessment of third party suppliers’ control environments.
Further Information
Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at Recruitment@socialsecurity.gov.scot.