Information Security Officer - Cardiff, United Kingdom - British Transport Police

British Transport Police

Verified Company

Cardiff, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

British Transport Police (BTP) are recruiting for Two Information Security Officers for permanent, full-time contracts. The role is paying £39,878.80 per annum and will be based in Cardiff.

BTP is the national police Force for the rail network throughout Great Britain, including London Underground, across which we ensure the safety and security of nearly 3 billion passenger journeys and over 100 million tons of freight every year.

The world in which we work is fast-paced, operationally and commercially demanding, and constantly changing.

As an Information Security Officer you will be required to:

Develops and maintains a suite of policies and guidance to create a governance framework to provide appropriate levels of security of information in BTP. This includes interpreting national policies and Police Digital Services (PDS) policy and guidance to provide a policy framework supporting best practice for safeguarding information systems, assets and our people.
Plans, organises, and conducts information assurance activities and accreditation of services across business areas and the supply chain, including national connections, Police Secure Network (PSN) and other codes of connection. To include carrying out risk management activities with varying degrees of complexities within a specific function, technical area or project, often within short timescales. Working with others such as Cyber Security, Digital Policing and other technology functions.
Responsible for investigation, coordination and reporting on information data breaches and information security incidents, some of which may be complex in nature, including the appropriate triaging of all incidents, focusing on containment and recovery ensuring preventative action is taken to minimise the risk of a reoccurrence and reputational damage to the Force.
Liaise with the Force Data Protection Officer (DPO) to make informed decisions on reporting to the Information Commissioner's Office (ICO) and attending Gold Groups as required.

Further information about this vacancy can be found in the attached job description.

The successful Information Security Officer will be required to evidence the following:

Qualifications and Training:

Educated to a minimum 5 GCSE grades A-C or equivalent qualification including English and Mathematics
The post requires significant and relevant experience in Information Security and Risk Management ideally within the policing community. This includes providing information assurance support to technology projects, assessing and controlling risks, and liaising with business partners at all levels to provide assurance.
Must be able to hold or attain a recognised Information Security qualification (such as BCS Certificate in Information Security Management Principles) or equivalent security qualification.
Trained in Risk Management Concepts & Accreditation processes.

Experience:

Establishing, developing and delivering IA processes and procedures within a large organisation.
Investigating complex Information Security incidents and providing recommendations to senior management and the Information Security Manager to mitigate risk.
Undertaking detailed risk assessments, audits and accreditation activities, and preparing detailed reports, identifying vulnerabilities and offer recommendations and solutions.

Skills:

Must evidence mental agility and ability to solve complex issues when tasked with new projects using experience and knowledge of information assurance standards to successfully deliver outcomes within tight timescales.
Ability to work within the business to understand and interpret Information Security risks and control measures.
Strong IT skills, including working knowledge of O365, including Microsoft Word, Excel, and PowerPoint.

Knowledge:

Knowledge of risk management, accreditation and assurance methods.
In depth understanding and practical knowledge of current Information Security Management standards and best practice, including HMG Security Policy Framework, PSN Code of Connection, National Institute of Standards and Technology ISO27001 and any other applicable standards.
Sound understanding and knowledge of relevant statutory obligations, including Data Protection Act / GDPR and the Government Security Classifications.

HOW TO APPLY

"Please provide details of any relevant skills and experience you have that would make you suitable for this role".

Please ensure that both your cover letter and CV are uploaded as one document as there is no option to upload them separately. Applications containing only a CV will not be considered, therefore, please ensure that you include a cover letter.

Salary of Up to £39,878.80 per annum
Working from home allowance available to purchase suitable equipment for blended & home working
28 days annual leave plus bank holidays
Family friendly policies including up to 26 weeks paid maternity and adoption