Pds Information Security Officer

**Join Police Digital Service as PDS Information Security Officer**

**About Police Digital Service**

To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that will enable them to adapt to and deal with the complexity of modern criminality.

Our vision is to support UK policing to keep people safe, get more from technology investments and make better use of public money, and we’re always on the lookout for great talent to help us achieve this.

**Our Values are**
- We value People
- We do the right thing
- We are innovative
- We are one Team
- We are proud and passionate

**Why Join us?**
- Balance is important and we want you to take time off to recharge - we offer 28 days’ annual leave plus bank holidays, rising to 30 days after 5 years of service. Holiday Purchase also available
- Flexible working hours - We trust you to do your job and we appreciate that life doesn’t always fit around a 9 to 5 workday. We operate core hours of 10 to 4, Monday to Friday (37hr week)
- We care about your well-being - we have an EAP that offers not just welfare benefits but also retail discounts
- Plan for the future - we offer an excellent pension scheme and life assurance cover
- Put your mind at rest regarding your health - offering remote GP, mental health and physiotherapy appointments via video consultation
- Family - Enhanced maternity and paternity pay along with a flexible return to work
- Community - one paid day off per year for volunteering

You can find out more here:
Benefits - Police Digital Service (pds.police.uk)

**Key Responsibilities**
- Support delivery of the Information Security Management System, including governance, risks & issues and compliance returns for National Policing
- Maintain Security Policy framework, working with stakeholders to ensure that Information Security related Policies, Procedures and Standards are up-to-date and available
- Lead management of information security risks, produce relevant risk reports and metrics
- Lead and implement actions from the communications strategy
- Support management of security incidents, assisting in the provision of security advice and solutions. Manage the security incident reporting process
- Lead and maintain relationships with Business Units, and other partners/customers
- Support management of information security asset and cyber service inventories
- Assist in assessment of intelligence, threats to, and vulnerabilities of; information systems and assets
- Provide support on PDS audit activity including annual ISO 27001 audits
- Provide information to senior leaders, both written and verbal
- Promote the opportunities for collaboration

**What you need to succeed in the role**

Skills & Knowledge:

- Qualifications in IT, information assurance and governance or related discipline/significant relevant experience
- Knowledge and significant experience in information security and risk management
- Strong engagement focus and proactive style
- Demonstrable understanding of the principles of risk management
- Good IT skills, including the use of Microsoft suite of tools
- Good communication skills, to produce persuasive material to engage colleagues and external stakeholders
- Awareness of information security controls and frameworks such as ISO27001 and NIST
- Good understanding of privacy requirements and other relevant legislation and regulations
- Good working knowledge of Digital Policing Strategy and understanding of current technologies and cyber challenges
- Ability to work independently, managing a wide and varying workload, prioritising tasks and meeting deadlines
- Being of the highest integrity with a strong understanding of confidentiality and security

Essential:

- Proven IT/Information security and risk management in large organisations with complex security and compliance requirements
- Production of/or input to policy, process and procedural documentation
- Supporting the design, implementation and operation of security controls
- Defining and/or implementing security controls across multiple layers of the IT architecture stack
- Developing strong working relationships with a number of stakeholders
- Implementing/running security processes aligned to information and cyber security governance frameworks
- Analytical, literacy and numeracy skills to research, interpret, compile and write Risk and Compliance reports
- Non-police personnel vetting and Security Check will be required and must be maintained during tenure. Will be required to sign Official Secrets Act

Desirable
- Working in Defence, ‘Blue Light’ and/or Government organisations
- Utilising the Microsoft 365 Security suite of tools
- Participating in and/or leading audits against ISO27001 NIST or similar

**Diversity, equity and inclusion**

**Working Arrangements**

This is a remote role.