Regional Information Security and Assurance Lead

**Details**:
**Reference number**:

- 303976**Salary**:

- £30,812 - £38,289- pro-rata- A Civil Service Pension with an average employer contribution of 27%**Job grade**:

- Other- NPS Pay Band 4 National**Contract type**:

- Fixed Term
- Secondment**Length of employment**:

- For a period of up to 10 months (possible extension)**Type of role**:

- Administration / Corporate Support**Working pattern**:

- Flexible working, Part-time**Number of jobs available**:

- 1Contents

Location

About the job

**Benefits**:
Things you need to know

Location
- East Midlands (England), East of England, North East England, North West England, South East England, South West England, Wales, West Midlands (England), Yorkshire and the HumberAbout the job

**Job summary**:

- This is a National Role**Job description**:
Applications are open to substantive PS band 2’s and band 3’s on promotion who would (if appointed) be temporarily promoted to Band 4 on a part-time basis.

**Working Arrangements & Further Information**

**Overview of the job**

The Regional Information Security and Assurance Officer (RISAL) sits within the Corporate Service function in the Probation Service region and reports directly to the Head of Corporate Services.

They will have line management responsibility for Information Security related Project Officers within the region.

The RISAL is the link between the Probation Service region and the HMPPS Information Security Team.

The geographical base for the RISAL post can be flexible within their regional area and will require travel across the region and some work in London and other locations.

**Summary**

The RISAL is responsible for ensuring compliance across all Probation Service units within the region with all Information Security Policy Framework requirements and ensuring all quarterly and annual departmental returns are completed and submitted in an accurate and timely manner on behalf of the Regional Probation Director who is the Information Asset Owner.

As the Subject Matter Expert, the RISAL will be required to lead investigations into all security incidents and breaches and report their findings and recommendations in full to the commissioning manager.

The RISAL will chair and manage the Regional Information Assurance Committee and will have a seat on the National Information Management Programme Board chaired by the Business Strategy and Change Lead.

**Responsibilities, Activities & Duties**

The job holder will be required to carry out the following responsibilities, activities and duties:

- As Subject Matter Expert, the RISAL will be the Lead investigator into information security incidents and data breaches. They will lead investigations into how incidents occur and report their findings to the commissioning officer and will give evidence when required, such as disciplinary hearings. The RISAL is responsible for ensuring all recovery actions, both for individuals and for the Service, following an incident are completed and that lessons are learned and shared to avoid future incidents across the region. They will update local policy and best practice guidance to reflect any lessons learned. The RISAL will also be the Regional Point of Contact for any investigations arising from the Information Commissioners Office ( ICO).
- The RISAL is responsible for adapting and regionalising the National Information Security Policy Frameworks into a robust and embedded local policy to deliver key milestones. Through collaboration and consultation with senior leaders across the region the RISAL will ensure the policy is implemented and embedded. The RISAL will be the driver, on behalf of the Regional Probation Director, for culture change around all aspects of the Information Security Policy Framework and Information Risk, delivering best practice.
- The RISAL will routinely undertake compliance visits across all sites in the region and will be responsible for developing and managing the Regional Risk Register appropriately, managing any emerging risks providing assurance and escalating risk where required to Regional Probation Director or HMPPS Information Security. They will identify and agree any necessary recovery actions with the site lead and monitor progress through to completion.
- Cabinet Office commission completion of an annual information security compliance statement, (Departmental health check), across Government. The RISAL is responsible for ensuring the ongoing departmental health check is completed on behalf of the Regional Probation Director, within a timely manner as stipulated by HMPPS Information Security. The RISAL will be required to understand any areas of deficiency within the Region and implement a robust strategy to improve levels of compliance across the Region.
- Provide technical expertise to ensure the Regional Probation Director and Senior Leadership Team understand their responsibilities as Information Asset Owner and Information Asset Custodians.
- Provide a