Senior Security Risk and Assurance Analyst (IRC67891 E)
We are currently seeking applications for a Senior Security Risk and Assurance Analyst within Social Security Scotland based in Glasgow. This is a permanent and pensionable appointment and new entrants will normally start on the minimum of the pay range. Candidates with a disability who meet the essential criteria below will be invited to the assessments.
The Smith Commission proposed the devolution of significant powers over social security to the Scottish Parliament. These powers are set out in the Scotland Act 2016. Once implemented, control over social security benefits of around Â£3.3bn per annum will be transferred from the UK Parliament. The provisions of the Act also contain extensive new powers to create benefits. In May 2016, Scottish Ministers announced that a new Agency would be established to deliver social security in Scotland. An exciting opportunity to help shape the new arrangements has arisen within the Chief Digital Officer Division.
The Social Security Programme represents a significant delivery, technology and digital challenge for the Scottish Government. Setting the new system up is a hugely complex task but a challenge that we relish and one that we are absolutely determined to get right. The goal is a social security system that is there to support the people of Scotland, when they need it, for decades to come.
For this role you will have a professional security qualification (CISSP, CISMA, CISMP etc) or demonstrable experience in a security risk and compliance role with specialist knowledge and understanding of information security standards with demonstrable experience in interpreting and applying information assurance legislation and policies (GDPR, ISO27001 etc).
There is a requirement to attend meetings as necessary in other SG offices, including Edinburgh and Dundee.
For jobs in Band B & C you must hold a minimum of 3 Highers or equivalent.
Other qualifications equivalent to these may also be acceptable, if you are in any doubt please contact to discuss.
Please note: If you fail to demonstrate how you meet the minimum qualifications as stated above, your application will be automatically sifted out.
1. Demonstrable experience of risk management methods and techniques and an understanding of various cloud architectures.
2. Practical experience of implementing and managing a compliance governance framework and delivering support to both external and internal audits
3. Experience of managing third party suppliers to key metrics and performance indicators.
4. Experience of achieving and maintaining accreditations such as Cyber Essentials and ISO27001.
For further details and to apply online, visit our website at http://bit.ly/sgvacancies. To apply, please submit a short CV (Two sides of A4) and a covering letter (1 side of A4) (as one document) via the online portal. To learn more about this opportunity, please contact Helen Robertson who can be reached at email@example.com or 0141 242 0121.
If you experience any difficulties accessing our website or completing the online application form, please contact the Recruitment Team on 0131 244 5739 or via firstname.lastname@example.org.