Regional Information Security and Assurance Lead - London, United Kingdom - Ministry of Justice

Ministry of Justice

Verified Company

London, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Salary 1
- £31,582 - £39,821 Pro-rata

Number of jobs available - 1

Detail of reserve list - 12 Months

Region - National

City/Town - National

Building/Site - NATIONAL

Grade - Other

Organisation Grade for HMPPS - NPS Pay Band 4 National

Post Type - Fixed Term, Secondment

Duration of appointment - Up to 3 months (likely extension)

Working Pattern - Part Time, Flexible Working

Role Type - Administration / Corporate Support

Job description 1

Applications are open to substantive PS band 2's and band 3's on promotion who would (if appointed) be temporarily promoted to Band 4 on a part-time basis.

Working Arrangements & Further Information

Overview of the job

The Regional Information Security and Assurance Officer (RISAL) sits within the Corporate Service function in the Probation Service region and reports directly to the Head of Corporate Services.

They will have line management responsibility for Information Security related Project Officers within the region.

The RISAL is the link between the Probation Service region and the HMPPS Information Security Team.

The geographical base for the RISAL post can be flexible within their regional area and will require travel across the region and some work in London and other locations.

Summary The RISAL is responsible for ensuring compliance across all Probation Service units within the region with all Information Security Policy Framework requirements and ensuring all quarterly and annual departmental returns are completed and submitted in an accurate and timely manner on behalf of the Regional Probation Director who is the Information Asset Owner.

As the Subject Matter Expert, the RISAL will be required to lead investigations into all security incidents and breaches and report their findings and recommendations in full to the commissioning manager.

The RISAL will chair and manage the Regional Information Assurance Committee and will have a seat on the National Information Management Programme Board chaired by the Business Strategy and Change Lead.

Responsibilities, Activities & Duties
The job holder will be required to carry out the following responsibilities, activities and duties:

As Subject Matter Expert, the RISAL will be the Lead investigator into information security incidents and data breaches. They will lead investigations into how incidents occur and report their findings to the commissioning officer and will give evidence when required, such as disciplinary hearings. The RISAL is responsible for ensuring all recovery actions, both for individuals and for the Service, following an incident are completed and that lessons are learned and shared to avoid future incidents across the region. They will update local policy and best practice guidance to reflect any lessons learned. The RISAL will also be the Regional Point of Contact for any investigations arising from the Information Commissioners Office ( ICO).
The RISAL is responsible for adapting and regionalising the National Information Security Policy Frameworks into a robust and embedded local policy to deliver key milestones. Through collaboration and consultation with senior leaders across the region the RISAL will ensure the policy is implemented and embedded. The RISAL will be the driver, on behalf of the Regional Probation Director, for culture change around all aspects of the Information Security Policy Framework and Information Risk, delivering best practice.
The RISAL will routinely undertake compliance visits across all sites in the region and will be responsible for developing and managing the Regional Risk Register appropriately, managing any emerging risks providing assurance and escalating risk where required to Regional Probation Director or HMPPS Information Security. They will identify and agree any necessary recovery actions with the site lead and monitor progress through to completion.
Cabinet Office commission completion of an annual information security compliance statement, (Departmental health check), across Government. The RISAL is responsible for ensuring the ongoing departmental health check is completed on behalf of the Regional Probation Director, within a timely manner as stipulated by HMPPS Information Security. The RISAL will be required to understand any areas of deficiency within the Region and implement a robust strategy to improve levels of compliance across the Region.
Provide technical expertise to ensure the Regional Probation Director and Senior Leadership Team understand their responsibilities as Information Asset Owner and Information Asset Custodians.
Provide a monthly status report on Security Incidents/Breaches, to the Senior Leadership Team, including trends and risks analysis and demonstrating actions and mitigations the RIASL has completed and any further required recommendations for controls and mitigating actions.
Provide technical advice and guidance to Heads of Departments to ensure th