Information and Security Officer - Lowestoft, United Kingdom - Centre for Environment, Fisheries and Aquaculture Science

Centre for Environment, Fisheries and Aquaculture Science

Verified Company

Lowestoft, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Details:

Reference number:

Salary:

- £39,150 - £43,280

A Civil Service Pension with an average employer contribution of 27%
Job grade:
Senior Executive Officer
Contract type:
Permanent
Business area:
CEFAS
Corporate
Type of role:
Knowledge and Information Management
Security
Working pattern:
Flexible working, Fulltime, Job share, Parttime
Number of jobs available:
1Contents

Location

About the job

Benefits:

Things you need to know

Location

Lowestoft, WeymouthAbout the job

Job summary:

The Information and Security Officer will be responsible for two important business critical and government policy areas Information Security and Business Continuity.

This role requires a certain amount of autonomy, with the postholder acting on their own initiative, within set parameters, making decisions around work priorities and resolving, often complex issues.

Supporting the Head of Risk, Security and information with managing and motivating staff in this area, the role will require good interpersonal and communication skills.

The role will require a good technical understanding of information management, Business Continuity and information security risk management.

The post holder may be required to perform duties other than those given in the job description.

The duties and responsibilities attached to the post may vary from time to time without changing the general character of the duties or the level of responsibility entailed.

- and late-career changers with transferable skills, people from all backgrounds and circumstances regardless of disability, gender, age, ethnicity, LGBT+ identity and socio-economic status.

Job description:

The Post Holder will be the lead for Information Security Management System, this will include (but not limited to); working with Information Asset Owners to assess and manage risks to Cefas critical information assets, and responsible for maintaining and managing the accreditation cycle of those critical information assets, managing Business Continuity, Incident Management and Disaster Recovery planning, exercising and activation of those plans.

The Post Holder will work closely with the IT Services Group to ensure cyber security actions are completed and mitigating controls are in place and working.

The post holder will manage aspects of Records Management, Data Protection Management, and Freedom of Information Management, which will include (but not limited to), Defining and managing classifications and record types, managing and improving records management within Cefas, ensuring full retention period activation for stored electronic and paper records, managing Cefas compliance with the Data Protection Act.

Collaboration with Defra - Records Management, Data Protection, and Freedom of Information teams, to develop, maintain and promote best practice.

Creation, updating and promotion of the Information Management and Security Teams policies and PAG's.

The post holder may be required to perform duties other than those given in the job description.

The duties and responsibilities attached to the post may vary from time to time without changing the general character of the duties or the level of responsibility entailed.

Person specification:

The following are essential criteria required for this role and you must be able to demonstrate your skills and experience in the following areas:

Experience of engaging, advising and influencing at all levels of an organisation including senior managers;
The ability to consider the correct approach for each individual challenge;
The ability to take a crossgovernment approach, considering the impact of your decisions in the broadest of settings;
Understanding information security and assurance covering Cyber, personnel and physical;
Understanding and working knowledge and experience of information risk management;
Experience working within an ISO27001 compliant information security management system or experience working within an ISO22301 compliant Business Continuity Management System;
The ability to form excellent relationships within Cefas and across Defra, especially with the Defra Groups within the teams' areas of responsibility;
The ability to analyse information to provide appropriate expert advice and guidance;
Experience of managing complex and diverse workload, leading and drawing on multiple teams across Cefas and Defra to complete tasks;
Proven ability to perform effectively to deadlines, maintaining focus in challenging situations and adapting to find solutions that meet the needs of stakeholders;
Certified Information Security Manager in good standing or Certified Information Security Systems Professional in good standing or willing to work towards one of these qualifications.

Behaviours:

We'll assess you against these behaviours during the selection process: