Protective Security Lead- ID 2021-1392

Scottish Government

View: 105

Update day: 01-06-2024

Location: Dundee Scotland

Category: Security

Industry: Government Public Administration

Job type: Full-time, Permanent

Loading ...

Job content

Reference number

174300

Salary

£39,312 - £47,065

Grade

Senior Executive Officer

Contract type

Permanent

Type of role

Other

Working pattern

Full-time

Number of posts

1

Location

Dundee, Scotland, DD1 1QE : Glasgow, Scotland, G4 0QW

About the job

Summary

We aim to develop within Social Security Scotland, a positive and inclusive culture, which supports our people to flourish, by embedding a working environment where we all treat each other with dignity and respect, and recognise each other’s contributions.



Colleagues of Social Security Scotland work in a diverse, supportive environment. In certain roles staff use flexible working. We are happy to accept your application if you wish to work part-time. You will have a minimum 5 weeks of annual leave (pro rata) in addition to all public and privilege holidays. Roles within Scottish Government allow for a number of other benefits including great support from managers through monthly conversations and a strong mentoring scheme. All staff are given a workstation assessment so that we can make you as comfortable as possible in your new role by putting in place any reasonable adjustments you may require.



We are currently seeking applications for a Protective Security Lead based in Glasgow or Dundee. This is an exciting opportunity to lead on Physical, Personnel and Counter Terrorism Security. The post holder will provide pragmatic security and information assurance advice to a range of stakeholders including business areas and the wider Scottish public sector. A security qualification or professional security certification is desirable but relevant experience will be considered.

The Protective Security Lead is responsible for overseeing Physical, Personnel and Counter Terrorism policy and strategy across Social Security Scotland and co-ordinating risk assessment activities on behalf of the Senior Information Risk Owner.



We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.
We provide an employment package that attracts, develops, and retains only the best talent.



Our reward scheme includes:


  • Contributory Pension Scheme (employee contributions 5.45% employer contributions 27.1 - 27.9%)
  • You will have an annual leave allowance of 5 weeks, rising to 6 weeks after 4 years. In addition, the Scottish Government observes 11½ days public and privilege holidays, dates of which are set annually
  • Weekly Hours: 37 hrs
  • Flexible working arrangements with potential of up to 4 days off per month
  • Further benefits are available in the rewards package

Job description

  • Raise and champion awareness of physical and personnel security issues within the organisation
  • Champion good security practice and handle local personnel & physical security issues, escalating where appropriate
  • Work with the Security Compliance team on developing and implementing physical and personnel security controls to ensure alignment with applicable standards (ISO27001 etc.)
  • Support internal and external audits of physical and personnel security controls.
  • Interpret, implement and monitor security controls for the appropriate maintenance of personnel security for National Security Vetted staff
  • Ownership and maintenance of the physical and personnel security risk register where risks are identified, documented, tracked, mitigated and monitored.
  • Undertake risk assessments to identify and manage security weaknesses
  • Retain records of incidents and risks, using this data to influence policy and procedures based on lessons learned
  • Maintain awareness of current and emerging threats and issues; and their potential impact on security practises
  • Create and maintain a robust insider threat strategy, including training and reporting mechanisms and champion the mitigation of insider threat through effective Personnel & Physical security practices
  • Provide SME input into the development and maintenance of training/awareness sessions to ensure that they are kept up to date and reflective of the current threat landscape
  • Ensure that Critical facilities (including locations that house critical technical infrastructure, industrial control systems and specialised equipment) are protected against power outages to prevent critical services from being disrupted by loss of power
  • Ensure that Critical facilities (including locations that house critical technical infrastructure, industrial control systems and specialised equipment) are protected against fire, flood, environmental and other natural hazards to prevent services being disrupted by damage to critical facilities caused by fire, flood and other types of hazard.
  • Ensure that all critical facilities (including locations that house critical technical infrastructure, industrial control systems and specialised equipment) are physically protected against accident or attack and unauthorised physical access to restrict physical access to authorised individuals, ensure that critical facilities are available when required and to prevent important services from being disrupted by loss of, or damage to, equipment or services.
  • Ensure that a security profile for each local environment is documented and maintained, which contains important business and security details about business users, information, business applications, equipment, technology and locations to provide a high-level picture of the type and importance of business conducted in the local environment, which helps support security decisions about activities relating to the local environment.
  • Ensure that arrangements are made to coordinate information security activity in individual business units/departments to ensure that security activities are carried out in a timely and accurate manner, throughout the organisation, and that security issues are resolved effectively
  • Line management responsibility


Responsibilities

1. Demonstrable experience of providing advice to a range of stakeholders on security standards and policy such as the Cabinet Office Security Policy Framework, ISO/IEC27001:2013, Cyber Essentials, PCI DSS, Cyber Resilience Framework, CPNI
2. Demonstrable experience of undertaking Information Security Risk assessments in-line with industry best practise methodologies and with a specific focus on Physical, Personnel and Counter Terrorism.
3. Excellent communication skills and experience of communicating to different audiences, including senior management, with the ability to describe technical issues in non-technical manner.
4. Demonstrable experience of managing multiple projects and initiatives with limited supervision; working effectively across multiple stakeholder groups, geographies and service lines.

Benefits

  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • A Civil Service pension
Loading ...
Loading ...

Deadline: 16-07-2024

Click to apply for free candidate

Apply

Report job
Loading ...
Loading ...

SIMILAR JOBS

Loading ...
Loading ...