Information Assurance & Risk Officer

We are seeking an Information Assurance & Risk Officer/Cyber Security Assurance Officer to contribute to the accreditation and compliance of forces' systems within legal, national and local Information Assurance requirements in support of the Cyber Security Strategy.

This is an Office based role.

A full UK driving licence is required.
Police Vetting is desirable, with 3 years at UK address.
Candidates must be available for immediate start

Key accountabilities:

• Maintain accreditation of force systems and ensure compliance with national and local cyber security standards.
• Identify information and physical security risks and recommend mitigation actions to management.
• Support the development, testing, and maintenance of ICT Disaster Recovery and Business Continuity Plans.
• Contribute to cyber security standards, policies, processes, and procedures to protect force information.
• Develop and deliver security guidance, user education, and operational procedures; build stakeholder awareness and compliance.
• Define and enforce security requirements for third-party suppliers in line with force policies.
• Advise on proportionate, cost-effective security controls for new and existing ICT systems.
• Support accreditation activities, including security design documentation and risk assessments, and represent Information Assurance at relevant meetings.

Key requirements:

Qualifications

• Appropriate qualification or significant experience in one or more of the following specialisms: Data Protection, Information Assurance, Risk Management, IT Security, NIST Cyber Security Framework.
• Appropriate professional qualification in relevant discipline (such as: MSc Information Security, CISSP, CISMP, CESG Certified Professional etc.) is desirable
• Appropriate qualifications and/or experience in Management of Police Information (MoPI) and Physical Security of Police Assured Secure Facilities (PASF)

Skills and experience

• Previous experience in Information Assurance and/or Information Security.
• Able to develop and draft new Information Assurance process docs and update local policies/standards;
• Experience in assessing designs to ensure secure by design methodology is applied and compliance with national policies and standards maintained
• Experience in identifying information security risks and make risk mitigation recommendations;
• Ability to develop security guidance for users and provide advice on security requirements for new and existing IT systems
• Ability to review third party security questionnaires and assess suitability as part of the onboarding process.
• Proven understanding of Risk Management and Information Assurance principles, relevant legislation and Standards is desirable
• Technical understanding of IT systems and/or risk management processes. Must be familiar with Cloud and Mobile technologies.
• Must have capability to travel to different locations across both Forces and undertake all assignments in a timely manner

We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles.

If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.

Qualification details and any other experience/skills relevant to the role to help support your application should be clearly shown in your CV.