Security Risk and Assurance Analyst

We are currently seeking applications for a Security Risk and Assurance Analyst within Social Security Scotland based in Dundee or Glasgow. This is a permanent and pensionable appointment and new entrants will normally start on the minimum of the pay range. Candidates with a disability who meet the essential criteria below will be invited to the assessments.

DDat Pay Supplement
This post attracts a £4,000 DDaT (Digital Data and Technology) pay supplement after a 9 month competency qualifying period. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review. This post is part of the Scottish Government DDaT profession. As a member of the profession you will join the professional development system, currently BCS RoleModelplus.

Overview
Social Security Scotland, an Executive Agency of the Scottish Government, is the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, delivering a social security system that will support the people of Scotland for decades to come. Due to the demands of this exciting programme of work, the Agency is currently experiencing rapid growth and we require more incredible digital, security and technology experts to join us, including Security Risk and Assurance Analyst’s.

The Chief Digital Office (CDO) Division has a remit to provide infrastructure and systems to support both the wider social security programme and Social Security Scotland. The division is responsible for delivering the infrastructure, capability and digital solutions that will support the Social Security Programme and Social Security Scotland. Key focus areas of the CDO Division are:

• Architecture and overall design;
• Technologies and Platforms;
• Digital Risk and Cyber Protection;
• Operational Delivery and Capability;
• Service Management Service Development

Essential Criteria

• Demonstrable experience in a security risk and compliance role and management of a compliance governance framework;
• Knowledge of information security standards and information assurance legislation (GDPR, UKDPA, ISO27001, etc);
• Demonstrable experience of risk management methods and techniques;
• Third party governance to key metrics and performance indicators

Important Information Regarding Interviews
In recognition of the Scottish Government’s ongoing measures and guidance in its response to Covid-19 (Coronavirus), we would like to advise applicants that a decision has been taken that all interviews must be conducted in a virtual/remote setting.

In order to facilitate this new way of working, we are asking all applicants to ensure that they have a suitable space to complete the virtual interview as well as a personal device of choice with an account registered to the ’MS Teams’ app by which you can undertake the interview/assessment if selected. We are also asking you to ensure that your personal Wi-Fi/Broadband capacity will be sufficient to carry both audio and video feeds to undertake the interview. This will then ensure that there are no issues incurred during the interview.

Further Information and Application Process
For further information on this vacancy please download and review the "DDaT Person Specification" which you will find below. To learn more about this opportunity, please contact Rachel Dunlop who can be reached at Rachel.Dunlop@socialsecurity.gov.scot.

To apply for this post, you will need to provide the information requested below via the online application process. These must be combined into one document as the system can only accept a single document upload per application.

• A CV (no longer than two pages) setting out your career history, with key responsibilities and achievements.
• Include a personal statement in your CV (no longer than 750 words) explaining why you consider your personal skills, qualities and experience suitable for this role, with particular reference to the essential criteria mentioned above

Failure to submit a single combined document (CV and personal statement) will mean the panel only have limited information on which to assess your application against the criteria in the person specification.

When considering how your experience relates to the role, please tailor your CV and personal statement to reflect the role and the essential skills/criteria as described in the job description / person specification.