Salary - £57141 - £71243 + £5,000 DDaT Pay Supplement after 3 month qualifying period
Location - Dundee or Glasgow
Hours - 37 hours per week
Closing Date - 12th September 2024 at 23:55
Reference - 2024-9664
Employment Type - Permanent
Overview
Do you have experience working in a fast-paced Information Assurance and Security environment and are you looking to take the next step in your career?
Social Security Scotland has an exciting opportunity for a Cyber Security Risk and Assurance Manager to ensure the agency maintains a high level of security assurance, governance and compliance in line with our risk appetite.
You will lead a talented team of Information and Security Officers and Security Risk Advisors to drive forward the implementation of an ambitious Information Security Assurance, Governance and Risk Programme.
The Security Risk and Assurance team manages risk, provides security consultancy, ensures supply chain assurance, manages the Security Awareness programme, and develops security policies and the Information Security Management System. The team works closely with the Head of Security Assurance and teams across the Chief Digital Office to ensure the confidentiality, integrity, and availability of information and information systems across the organisation.
This is a high-profile role that offers the successful candidate the opportunity to make a significant and positive difference to people who rely on Social Security Scotland.
The role will initially provide cover for maternity leave of an existing Cyber Security Risk and Assurance Manager for 1 year, which will involve leading a team, after which the role will evolve its focus towards governance and compliance with differing line management responsibilities.
DDaT Pay Supplement
This post attracts a £5000 Digital, Data and Technology (DDaT) pay supplement after a 3-month DDaT competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review. This post is part of the Scottish Government DDaT profession. As a member of the profession you will join the professional development system, currently BCS RoleModelplus.
Main Duties
• Lead risk management activities for complex and novel scenarios, ensuring compliance with regulatory and legislative requirements while applying fundamental risk management principles.
• Guide and mentor risk managers and specialists, fostering skill development, sharing best practices, and promoting collaboration across government and industry.
• Conduct comprehensive analyses of complex security needs and deliver Cyber Security risk assessments, providing guidance on governance arrangements.
• Ensure fundamental organisational security needs are met through integrated assurance techniques that instil confidence in risk, service, or system ownership.
• Shape leadership decision-making by providing effective reports on security process effectiveness and acting as a subject matter expert on cyber risk management issues.
• Drive balanced and cost-effective risk management decisions, ensuring integration into corporate governance processes for complex situations.
• Embed risk management practices within business activities such as system development, security architecture, and procurement.
• Deliver tailored risk assessments and provide security advice on non-standard use cases, leveraging expertise in specific topics or technologies.
• Apply standardised control frameworks (e.g., ISO 27001/2) while recognising their strengths and limitations, and provide guidance on the impact of security measures on users and business needs.
• Proactively gather and analyse threat information to understand the evolving threat landscape, enhancing the organisation’s security posture.
Further Information
Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at Recruitment@socialsecurity.gov.scot.