The post holder will report to the Head of ICT Security, Applications and Architecture and will be the IOPC Subject Matter Expert in Security Analysis, Cyber Controls and Technical Security Architecture. Responsibilities include event monitoring, control and alert configuration & incident management governing the security of IOPC Data. Expert hands-on knowledge of software control tools procured and deployed within the IOPC Cloud and On-Premise data centres, networks and databases.

This new role will be the first responder to cyber-attacks and threat analysis / response. This role is a technical and specialist one requiring scarce and valuable skills; the role comprises and extends the existing duties of ICT Security Officer and therefore includes the routine management of information security and assurance.

The post holder will be security cleared to SC level.

What you will need

• Expert and hands-on knowledge of MS Azure and Office 365 Security Tools (security centre, operations centre, e-discovery etc.)
• Ability to detect, deter and defend against Cyber Attack
• Experience of ICT Security (network, web, cloud, end user computing, access control, standards, assurance and design / review)
• Experience of Business Continuity planning
• Experience of building working relationships with a variety of stakeholders
• Experience of maintaining Information Assurance and data handling processes especially as they relate to collaboration and sharing of information across trust boundaries.
• Knowledge of Awareness of security products, protocols, access controls and cryptography needed to support both OFFICIAL and SECRET environments including Intrusion Detection and Prevention tools and SIEM
• Detailed understanding of the PSN accreditation process and supporting documentation such as CoCo and RMADS.
• Knowledge of government information security standards and familiar with the SPF, IAS1 – 6, PMS, NSCS GPGs and other standards such as ISO 27001/2, ISO27005, CPNI 10 Steps and Cyber Essentials
• Awareness of how security needs to be built into application development, release and change management processes.
• Knowledge of the legal issues relating to IS/IT e.g. Data Protection, Freedom of Information and Computer Misuse Acts, Copyright, intellectual property rights.

• Awareness of BC & DR best practice
• Ability to build strong working relationships with a variety of stakeholders
• Ability to work as part of a team
• Strong customer focus
• Communication and presentation skills.
• Positive can-do attitude and flexibility of approach.

Technical

• Must hold suitable ICT Security Certification i.e. one or more of BCS CISMP, ISACA CISM, or ISC2 CISSP
• Membership of a professional body such as BCS, CITP, ISACA, ISC2 or M.Inst.ISP (or prepared to work towards membership)

What we offer

• 27.5 days paid annual leave (increasing with service to 32.5 days)
• options to carry over, buy or sell annual leave
• Civil Service pension
• PAM employee assistance programme
• Access to Civil Service Sports Council (CSSC) membership
• staff networks focussed on each of the protected characteristics – run for staff, by staff
• flexible working options