Senior Information Security Analyst - JRN 20881/20882
Area Command / Department
Information Management Unit
£37,134 to £40,662
This role will be based in Bedlington with the opportunity for agile working from home with a need to travel throughout the force area.
Are you an enthusiastic and experienced Information Security and Assurance professional looking to work in a fast past and diverse organisation? Would you like to play a key role in serving your community through the provision of robust and progressive information security and assurance controls that will support our police officers and staff to deliver an outstanding policing service and protect the Force’s data, information and systems?
The Information Security and Assurance function has recently developed a new operational model following significant investment by the Force – the introduction of two Senior Information Security and Assurance Analysts will support the strategic vision to grow and develop this area of business.
This is an exciting opportunity that would suit someone who is passionate about all
aspects of technology (especially cloud and mobile) and enjoys problem solving with a problem solving analytical approach. The two posts will have defined areas of responsibility with the opportunity for rotation in the future:
Post 1 – Senior Information Security Analyst (Information and Risk Assurance) – focussing on risk assessments, change management and project engagement, and incorporating responsibility for Records Review and Data Quality functions.
Post 2 – Senior Information Security Analyst (Accreditation and Information Audit) – focussing on system audits and assurance, supporting alignment to ISO 27001, and incorporating responsibility for the Information Assessment, Accreditation and Cyber Support functions.
In return for your dedication and experience, we offer 23 days’ leave, excluding bank holidays, increasing to 28 days for 5 years+ service. We support our people inside and out of work – offering a very competitive pension scheme, childcare vouchers, and discounts on shopping and eating out thanks to the Blue Light Card. And to take care of your physical and mental well-being, we’ve invested in extensive paid sick leave, trained mental health first aiders on-site, an employee advice service and access to gyms in some stations.
What will I be doing?
The successful applicant will be responsible for providing specialist advice and guidance on information security and information risk and assurance matters. You will work with key stakeholders to ensure the Force is compliant with internal and external standards and policies, and support the Force to deliver an outstanding service.
This will include working Information Asset Owners and Project Managers to ensure that information assets and systems are assessed and managed in line with the Force’s risk management processes.
You will review policies and procedures, and work with End Users across the Force to fully understand business and operational information security risk. You will support the identification and assessment of security controls, and validate controls in place to ensure compliance.
As a member of the team, you will be responsible for carrying out risk assessments (including data privacy impact assessments) and giving assurance that risks with new projects and business as usual changes are understood and managed. You will be working to NCSC, ISO 27001, Cyber Essentials and national policing guidelines.
What do I need?
• Educated to degree level (or equivalent relevant experience)
• A relevant certification such as CISMP, CompTIA Sec+, ISO 27001 auditor/implementer
• Technology and ICT background
• Understanding of risk management processes
• Customer Service and Stakeholder management experience
• Strong communication, writing, consulting and client facing skills
• Ability to bridge the gap between technical and business language to create pragmatic, appropriate solutions
• Effective, pragmatic negotiating and influencing skills
• CISSP or CISM certification
• CISSP or CISM certification
• Certified Cyber Professional – SIRA and or / IA Auditor
• Experience of working in a public sector or police force environment
Northumbria Police are currently undertaking a role and reward project in respect of all police staff posts. For further information please contact the Talent Acquisition team.
Management Vetting (MV) (SC)Applicants must be a resident of the UK for a minimum period of 5 years to ensure vetting checks can be successfully performed. A job offer will be dependent upon vetting clearance, medical information and references.
If you have any queries with regard to the application process please contact the Talent Acquisition Team by email at firstname.lastname@example.org
All staff including those appointed on fixed term contracts must successfully complete their probationary period before they are eligible to apply for a Northumbria Police vacancy.
Vacancy Contact: To discuss the position in more detail please contact Alistair Burdon, Information Security & Assurance Manager by email at email@example.com
Northumbria Police fully supports a policy of equal opportunities and we welcome applications from suitably qualified people from all sections of the community, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex and sexual orientation. Appointments are based on merit alone