Head of Information Security - Darlington, United Kingdom - Department of International Trade

Department of International Trade

Verified Company

Darlington, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

This is an exciting time to work in DIT, a Department at the heart of the UK's relationship with the global economy.

Our role is to promote UK trade globally by attracting foreign investment to our shores. We support UK businesses to take advantage of the global appetite for British goods and services. We also assist international companies to collaborate with UK suppliers.

The Security function's role is to protect the Department's people, assets, and information from those who wish to do damage to the Department.

We do this by building a diverse team with expert, generalist, and entry level roles to work together to solve the challenges, we face.

This mix allows us to develop talent and to benefit from a wide range of life experiences.

The security function has three separate elements, the core security team, the trade negotiations security team, and the security transformation project team.

This role sits in the core security team.

The purpose of the role is to improve Information Security across the whole of DIT.

Playing a critical role in developing DITs Information Security process and procedures implementing controls to protect and preserve all of DIT information.

The Information Security role will work closely and collaborate with other teams, including Knowledge Information, Cyber, as well as the UK National Technical Authorities, to identify and understand the Information Security threats to DIT and wider government.

You will provide advice to improve and strengthen information security that preserves the confidentially integrity and availability of information assets.

Your advice will ensure compliance with legal and regulatory requirements, in alignment to HMG security standards.

You will support senior security colleagues, to determine how to manage information security risks affecting DIT. You will collaborate across a network of multi-disciplinary teams and contacts across DIT.

You will be expected to create and maintain links with the wider government information security profession and policy makers to ensure DIT complies with and maintains best practice information security and assurance.

Working with DIT enablers to ensure that Information Security dovetails seamlessly with other areas (e.g. Cyber and Knowledge Information).

Primarily to ensure that technologies used across DIT protect the information they carry, while keeping critical IT infrastructure, data, systems and communications safe and secure against a variety of threats.

Ensure DIT Information Assets handled internally are protected in alignment with agreed governance structures.

Job description

Lead on implementation of Government Security Classifications advice across DIT, including delivery of the updated GSC policy guidance.
Work to identify gaps in DIT Information Security processes and provide leadership to ensure wider security requirements for DIT are developed and implemented in aligned to Government Security Standards (Gov.007).
Develop and maintain DIT Security Policies portfolio, updating existing policies, ensuring they are published across DIT's IT platform.
Develop and deliver security briefings, covering information security as and when required; to increase awareness of Information Security across DIT.
Participate in the development of incident management policies. Undertake appropriate work to develop the process and align to key aspects of the Departmental Security Health Check.
Provide advice and guidance on information security, manage identified risks, ensuring adherence to appropriate HMG standards, and recommending appropriate control and improvements.
Provide advice and assurance on major project business cases. This will involve liaison with the major projects team and with the wider security team to gather input and advice.

Hybrid working
Please be aware that this role can only be worked from within the UK and not overseas.

Informal hybrid working arrangements will be available as agreed with the vacancy manager and in line with the requirements of the role.

Most DIT employees will be working a hybrid pattern, spending 2-3 days a week (pro rata) in an office, on average.

If your office location is London, you will be eligible to receive London weighting.

Person specification

Essential Criteria

The ability to distil technical information into understandable business language both verbally and in writing.
The ability to prioritise between multiple work streams to ensure that deadlines are met.
Excellent problemsolving and analytical skills.

Desirable Criteria

A certain level of technical security understanding would be useful.
Experience of working within or with government security.
Ability to manage own time and act as main point of contact for your area of work.
Qualification in a recognised Information Security related area such as CISMP
Certificate in Information Security Management Principles /ISO27001 or equivalent experi