Job Details

Security Risk Manager

Stony Brook, Suffolk County, United Kingdom, £35,310 - £45,018, Permanent

Posted: 17 hours ago

Description:

Locations: Blackpool, Leeds, London, Manchester, Newcastle-upon-Tyne, Sheffield

Join our new Security Risk Assurance Team and help us drive continuous improvement across the Security Assurance service in DWP.

Could you be a Government Security Assurance Professional? Do you want to be part of an exciting and growing area of work? Are you willing to learn and develop and work towards qualifications while you deliver in a key role?

DWP is the largest government department, making payments worth £195bn a year to around 25 million people. You'll support DWP's Security Strategy by providing internal independent assurance to Senior Leaders, service owners, stakeholders and relevant external bodies that strategic security risks to DWP business objectives are being managed effectively.

This role supports the vital second line of assurance within the Government's three lines of defence model.

About the team:

DWP is at the forefront of risk and controls based security within Government. We're leading on the tranches of the Transformed Security model in HMG.

Within DWP, the Enterprise Security Risk Management (ESRM) Security Risk Assurance team:

* Provide impartial assurance that strategic security risks are managed effectively.
* Provide the DWP executive team and senior leadership with confidence that assets are well protected and risk managed.
* Provide assurance that the security of the Department is sufficient to enable our leaders to meet their objectives.
* Provide our leaders with a professional opinion of where and how the department's security posture could be improved.

The Security Risk Assurance team undertake varied activities to gather evidence on the security of DWP assets, including interviews, sampling, design review, IT health checks and controls testing.

The team analyse findings from these activities to provide confidence that DWP is sufficiently secured against the NIST cyber security framework and make recommendations for areas for investment and improvement.

About your role:

As a Senior Security Risk Assurance Manager you'll work within a team to determine what information and evidence is required to enable assurance activity to be undertaken.

You'll use your security knowledge to provide security assurance to the product owner so they have confidence their product is appropriately secured, and that DWP is secure to deliver its priorities.

You will:

* Identify sources of the information and support colleagues in obtaining and analysing the information, resolving issues where necessary.
* Lead the production of the assurance report which will provide confidence to product owners.
* Research, evaluate and interpret evidence to provide holistic and robust assessments on the security posture of People, Process and Technology to create evidence-based findings and recommendations for improvements.
* Test and verify the effectiveness of security controls.
* Identify and assess existing/new threats and security alerts, and provide assurance and recommendations after any incident has been addressed.

Developing your skills with us

If you don't have a qualification in CGEIT, 27005 risk management professional, ISO27001 Lead Auditor, PCIRM or CompTIA Security+, then you'll be supported to work towards relevant qualifications here.

We welcome applications from security professionals who have built their skills and knowledge experientially too.

Experience of security management, and understanding of security controls, ISM systems, risk assessment and security monitoring/testing processes are welcome, but not mandatory and these will not be assessed.

Successful candidates must be prepared to undergo SC clearance prior to taking up duty.

What skills and experience do you need?

* Understand and interpret information quickly; provide advice and guidance on requirements to stakeholders at all levels.
* An effective decision maker, who utilises evidence, available data and personal knowledge to provide clear, accurate and professional decisions.
* An understanding of Information Security and Risk Management.
* Self-motivated with a passion for security and technology, a willingness to develop your skills, to enable career enhancement within security and risk management.
* The ability to thrive in a challenging environment, working to tight deadlines while prioritising a large and varied workload.
* Proven leadership experience and the ability to engage, negotiate and communicate easily and confidently with people at all levels.

Your pay and reward

Salary for this role is £39,301 - £45,018 in London and £35,310 - £40,666 everywhere else.

You'll be eligible for a Civil Service Pension, with employer contributions worth around 27%.

We have a broad benefits package built around your work-life balance which includes:

* Flexible working
* Family friendly policies
* Volunteering and charitable giving
* Discounts and savings on shopping, fun days out and more
* Interest-free loans to buy a bike or a season ticket
* Sports and social activities
* Learning and development, including coaching, mentoring, qualifications and accreditation
* Career progression opportunities and lots more

Click Apply for more information and to start an application on Civil Service Jobs.

Job Details

1173362942
Stony Brook, Suffolk County, United Kingdom
Permanent
£35,310 - £45,018