Risk Lead - London, United Kingdom - Department for Business and Trade - Digital, Data and Technology

Department for Business and Trade - Digital, Data and Technology

Verified Company

London, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

About us

The Department for Business and Trade (DBT) is the department for economic growth.

The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support businesses to invest, grow and export, creating jobs and opportunities across the country.

DBT Cyber work to improve the security of the systems and processes that affect the operation of the Department. The Governance Risk and Compliance (GRC) team were established to create a safer Cyber landscape to deliver DBTs vision, and do this through establishing good practice in new information projects, reviewing compliance and setting standards for

About the role

As a Risk Lead, you will be part of a team responsible for the Cyber Risk aspect of Cyber Security within DBT.

Reporting to the Risk Manager Principal, the role will collaborate with the other teams in Cyber and the broader DDaT community.

The GRC team is responsible for cyber risk management, maintaining in-house system security assurance, running

cyber security training throughout the department, managing, and complying with policies and standards, and audit management and response.

The Cyber Security Risk Manager identifies, understands, and mitigates cyber-related risks. They provide risk and service owners with advice to help them make well informed risk-based decisions.

Where risks need to be accepted by the Department, they will support escalation of the risks to the Senior Information Risk Owner (SIRO) for acceptance.

You'll need to possess integrity and be able to communicate across all levels and professions within the Department. Working with teams that are under pressure to provide the most informed risk assessment possible to decision makers.

It will take strong collaboration skills to work across the Department and with external stakeholders to protect and promote a governed, Cyber risk aware and compliant DBT.

About you

Main responsibilities

You will be an experienced risk assurance professional who can:

Independently undertake risk management activities within a given area of practice or expertise, making use of established security and risk management governance structures and where necessary developing new ones.
Undertake Cyber Security related risk assessments as part of the IRAP (Information Risk Assurance Process), conduct tailored threat assessment and other risk management activities, to ensure activities are consistent with applicable regulations, legislation, good practice, and Government guidance.
Provide expert security advice that highlights Cyber Security related risks, so risk or service owners can make wellinformed and auditable decisions.

Skills and experience

It is essential that you have:

You'll have demonstrable skills and experience of:

Professional information security certification
CISSP or similar, or willingness to attain.
Experience in a risk management and assurance role.
Solid knowledge of information security frameworks.
Effective verbal and written communication skills.

It is desirable that you have:

Experience working within large, complex organisations
Broad understanding of cloudbased technical environment.
Problemsolving and analytical skills.

How to apply

Sift will be from week commencing 17th June 2024

Interviews will be from week commencing 1st July 2024

How we interview

At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework.

This will include a risk assessment exercise.

Technical Skills

Information Risk Assessment Frameworks and methodology
Risk Management

Behaviours:

Making Effective Decisions
Working Together
Communicating and Influencing

How we offer

Offers may be made in merit order based on location preferences.

If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available.

If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for.

Checks will also be made against:

departmental or company records (personnel files, staff reports, sick leave reports and security records)
UK criminal records covering both spent and unspent criminal records

- your credit and financial history with a credit reference agency
- security services record
- location details

Benefits:

If you join us, you will get:

learning and development tailored to your role

- a flexible, hybrid working environment with options like condensed hours
- a culture encouraging inclusion and diversity
- a Civil Service pension with an average employer contribution of 27%
- annual leave starting at 25 days rising to 30 days with service
- three paid volunteering days a year
- an employee benefits programme including cycle to work

More about us

This role can only be worked from within the UK, not overseas. If you are based in London, you will receive L