Senior Information and Cyber Security Officer

**Details**:
**Reference number**:

- 347044**Salary**:

- £44,557 - £53,351**Job grade**:

- Senior Executive Officer- B3**Contract type**:

- Permanent**Business area**:

- SSS - Chief Digital Office**Type of role**:

- Other**Working pattern**:

- Full-time**Number of jobs available**:

- 2Contents

Location

About the job

**Benefits**:
Things you need to know

Location
- Dundee, GlasgowAbout the job

**Job summary**:

- This is an exciting role within Digital Risk and Security where you will be instrumental in helping to drive forward the implementation of an ambitious Security Assurance programme. Working with the Head of Security Assurance, the Security Risk and Assurance Manager and team, Security Architects and colleagues across the wider Chief Digital Office, you will help ensure the confidentiality, integrity and availability of corporate digital systems and benefit system releases.- Social Security Scotland, an executive agency of the Scottish Government, is the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, delivering a social security system that will support the people of Scotland for decades to come. Due to the demands of this exciting programme of work, the Agency is currently experiencing rapid growth and we require more talented digital, security and technology experts to join us.
- The Digital Risk and Security branch are responsible for developing and leading the strategic approach to managing security risk, and for developing the operational cyber security and physical and personnel security functions for Social Security Scotland. The branch comprises two main areas; Security Operations and Security Assurance. The Security Operations teams are responsible for cyber operations, cloud security engineering, protective monitoring and engineering, and physical and personnel security. The Security Assurance teams are responsible for security risk and assurance, compliance management and security architecture.
- **DDaT Pay Supplement**Job description**:
As a Senior Information and Cyber Security Officer, you will play a pivotal role in maintaining the desired cyber security posture in line with our risk appetite and developing an Information Security Management system within a fast-paced environment.
- Conducting regular security assessments to identify potential threats and vulnerabilities.
- Performing risk assessments, providing recommendations for enhancing the security posture of our systems and infrastructure, and ensuring activities are consistent with applicable regulations and legislation.
- Participating in Security Project Design, Procurement, and Implementation activities.
- Collaborating with cross-functional teams to implement and maintain security measures, including Third Party Oversight and Internal and External Security Assessments.
- Staying up to date with the latest cybersecurity threats, technologies, and best practices.
- Developing and maintaining incident response plans, including guidelines and procedures for responding to security incidents, as part of your responsibilities for Incident Response.
- Participating in incident response activities as needed.
- Providing cybersecurity awareness training to employees to promote a culture of security and ensure well-informed and auditable decisions.
- Collaborating with external vendors and partners to ensure compliance with security standards and regulations.
- Developing Information Security policies, procedures, and guidelines, and managing compliance.
- Leading and mentoring a small number of security staff.

**Person specification**:

- 1. Demonstrable knowledge of Information Security standards such as ISO27001 and NIST 800-53.
- 2. Understanding of the internal and external information security risks and administrative, physical and technical controls to mitigate against these
- 3. Experience of providing information security advice and leading on the implementation of Information Security projects.
- 4. Demonstrable knowledge of current legislation including the Data Protection Act 2018 and the GDPR.**Benefits**:

- Annual Leave - You will receive 25 days annual leave on joining us. This will increase to 30 days after four full years of service. You will also have 11.5 public and privilege days of leave every year. We also offer Flexi-time. Any extra hours you've worked can be taken as leave when suitable.- Healthy work life balance - We can offer the possibility of full-time, part-time, term-time, and job shares. We also encourage flexible working.
- Discounts - You can enjoy a vast range of retail, travel and lifestyle discounts through our benefit scheme.
- Personal support for you - Our Employee Assistance Programme gives you confidential, independent information and guidance 24/7.
- Volunteering special leave - Up to six days paid special leave a year for volunteering. We support our staff to help causes important to them.
- Great locations -