Senior Information Security Analyst (Assurance and Information Audit) – JRN 20881/20882
 

 
This role will be based in Bedlington with the opportunity for agile working from home with a need to travel throughout the force area.

The role:
Are you an enthusiastic and experienced Information Security and Assurance professional looking to work in a fast past and diverse organisation?  Would you like to play a key role in serving your community through the provision of robust and progressive information security and assurance controls that will support our police officers and staff to deliver an outstanding policing service and protect the Force’s data, information, and systems?     
 
The Information Security and Assurance function has recently developed a new operational model following significant investment by the Force – the introduction of a Senior Information Security and Assurance Analyst who will support the strategic vision to grow and develop this area of business.
 
This is an exciting opportunity that would suit someone who is passionate about all
aspects of technology (especially cloud and mobile) and enjoys problem solving with a problem-solving analytical approach.  The post will have defined areas of responsibility with the opportunity for rotation in the future.

What will I be doing?
• Providing specialist advice and guidance focussing on system audits and assurance, supporting alignment to ISO 27001, and incorporating responsibility for the Information Assessment, Accreditation and Cyber Support functions.
Designing and implementing processes and techniques to regularly assess information assets for compliance with security policies, national policing, and best practice information assurance standards
Working with key stakeholders to ensure the Force is compliant with internal and external standards and policies and support the Force to deliver an outstanding service.
Working with Information Asset Owners and Project Managers to ensure that information assets and systems are assessed and managed in line with the Force’s risk management processes.
Reviewing policies and procedures, working with End Users across the Force to fully understand business and operational information security risk. 
Supporting the identification and assessment of security controls and validate controls in place to ensure compliance. 
Carrying out assurance and accreditation activities risk assessments (including data privacy impact assessments) and giving assurance that risks across the business are understood and managed. 
You will be working to NCSC, ISO 27001, Cyber Essentials, and national policing guidelines.
 
What do I need?
• Educated to degree level (or equivalent relevant experience)  
A relevant certification such as CISMP, or ISO 27001 auditor/implementer
Technology and ICT background
Customer Service and Stakeholder management experience
Effective, pragmatic, and strong negotiation skills to address and overcome problems and barriers
Strong communication, influencing, writing, consulting, and client facing skills
Ability to bridge the gap between technical and business language to reach appropriate solutions and understand competing demands across the Force 
 
Desirable:
• Certified Cyber Professional – SIRA and or / IA Auditor
Experience of working in a public sector or police force environment
Understanding of risk management processes
 
For further information please see the role profiles: Role Profile.pdf
 
In return for your dedication and experience, we offer 23 days’ leave, excluding bank holidays, increasing to 28 days for 5 years+ service.  We support our people inside and out of work – offering a very competitive pension scheme, childcare vouchers, and discounts on shopping and eating out thanks to the Blue Light Card. And to take care of your physical and mental well-being, we’ve invested in extensive paid sick leave, trained mental health first aiders on-site, an employee advice service and access to gyms in some stations.  
 
Northumbria Police are currently undertaking a role and reward project in respect of all police staff posts. For further information please contact the Talent Acquisition team.
 
Vetting level: 
Vetting level: Management Vetting (MV) and Security Clearance (SC).  Applicants must be a resident of the UK for a minimum period of 5 years to ensure vetting checks can be successfully performed.  A job offer will be dependent upon vetting clearance, medical information, and references. 
 
If you have any queries about the application process or the role please contact the Talent Acquisition Team by email at careers@northumbria.pnn.police.uk
 
All staff including those appointed on fixed term contracts must successfully complete their probationary period before they are eligible to apply for a Northumbria Police vacancy.
 
Northumbria Police fully supports a policy of equal opportunities and we welcome applications from suitably qualified people from all sections of the community, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation. Appointments are based on merit alone
 
Vacancy Type
Police Staff
Rank/Grade
Grade I
Location
Northumberland
Hours
Full Time
Salary Range
x£37,914 to £41,517
Vacancy Description
 
 
This role will be based in Bedlington with the opportunity for agile working from home with a need to travel throughout the force area.

The role:
Are you an enthusiastic and experienced Information Security and Assurance professional looking to work in a fast past and diverse organisation?  Would you like to play a key role in serving your community through the provision of robust and progressive information security and assurance controls that will support our police officers and staff to deliver an outstanding policing service and protect the Force’s data, information, and systems?     
 
The Information Security and Assurance function has recently developed a new operational model following significant investment by the Force – the introduction of a Senior Information Security and Assurance Analyst who will support the strategic vision to grow and develop this area of business.
 
This is an exciting opportunity that would suit someone who is passionate about all
aspects of technology (especially cloud and mobile) and enjoys problem solving with a problem-solving analytical approach.  The post will have defined areas of responsibility with the opportunity for rotation in the future.

What will I be doing?
• Providing specialist advice and guidance focussing on system audits and assurance, supporting alignment to ISO 27001, and incorporating responsibility for the Information Assessment, Accreditation and Cyber Support functions.
Designing and implementing processes and techniques to regularly assess information assets for compliance with security policies, national policing, and best practice information assurance standards
Working with key stakeholders to ensure the Force is compliant with internal and external standards and policies and support the Force to deliver an outstanding service.
Working with Information Asset Owners and Project Managers to ensure that information assets and systems are assessed and managed in line with the Force’s risk management processes.
Reviewing policies and procedures, working with End Users across the Force to fully understand business and operational information security risk. 
Supporting the identification and assessment of security controls and validate controls in place to ensure compliance. 
Carrying out assurance and accreditation activities risk assessments (including data privacy impact assessments) and giving assurance that risks across the business are understood and managed. 
You will be working to NCSC, ISO 27001, Cyber Essentials, and national policing guidelines.
 
What do I need?
• Educated to degree level (or equivalent relevant experience)  
A relevant certification such as CISMP, or ISO 27001 auditor/implementer
Technology and ICT background
Customer Service and Stakeholder management experience
Effective, pragmatic, and strong negotiation skills to address and overcome problems and barriers
Strong communication, influencing, writing, consulting, and client facing skills
Ability to bridge the gap between technical and business language to reach appropriate solutions and understand competing demands across the Force 
 
Desirable:
• Certified Cyber Professional – SIRA and or / IA Auditor
Experience of working in a public sector or police force environment
Understanding of risk management processes
 
For further information please see the role profiles: Role Profile.pdf
 
In return for your dedication and experience, we offer 23 days’ leave, excluding bank holidays, increasing to 28 days for 5 years+ service.  We support our people inside and out of work – offering a very competitive pension scheme, childcare vouchers, and discounts on shopping and eating out thanks to the Blue Light Card. And to take care of your physical and mental well-being, we’ve invested in extensive paid sick leave, trained mental health first aiders on-site, an employee advice service and access to gyms in some stations.  
 
Northumbria Police are currently undertaking a role and reward project in respect of all police staff posts. For further information please contact the Talent Acquisition team.
 
Vetting level: 
Vetting level: Management Vetting (MV) and Security Clearance (SC).  Applicants must be a resident of the UK for a minimum period of 5 years to ensure vetting checks can be successfully performed.  A job offer will be dependent upon vetting clearance, medical information, and references. 
 
If you have any queries about the application process or the role please contact the Talent Acquisition Team by email at careers@northumbria.pnn.police.uk
 
All staff including those appointed on fixed term contracts must successfully complete their probationary period before they are eligible to apply for a Northumbria Police vacancy.
 
Northumbria Police fully supports a policy of equal opportunities and we welcome applications from suitably qualified people from all sections of the community, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation. Appointments are based on merit alone