This role will be based in Bedlington with the opportunity for agile working from home with a need to travel throughout the force area.
The role:
Are you an enthusiastic and experienced Information Security and Assurance professional looking to work in a fast past and diverse organisation? Would you like to play a key role in serving your community through the provision of robust and progressive information security and assurance controls that will support our police officers and staff to deliver an outstanding policing service and protect the Force’s data, information and systems?
The Information Security and Assurance function has recently developed a new operational model following significant investment by the Force – the introduction of a Senior Information Security and Assurance Analyst who will support the strategic vision to grow and develop this area of business.
This is an exciting opportunity that would suit someone who is passionate about all
aspects of technology (especially cloud and mobile) and enjoys problem solving with a problem-solving analytical approach. The post will have defined areas of responsibility with the opportunity for rotation in the future.
What will I be doing?
• Providing specialist advice and guidance focussing on system audits and assurance, supporting alignment to ISO 27001, and incorporating responsibility for the Information Assessment, Accreditation and Cyber Support functions.
• Designing and implementing processes and techniques to regularly assess information assets for compliance with security policies, national policing and best practice information assurance standards
• Working with key stakeholders to ensure the Force is compliant with internal and external standards and policies, and support the Force to deliver an outstanding service.
• Working with Information Asset Owners and Project Managers to ensure that information assets and systems are assessed and managed in line with the Force’s risk management processes.
• Reviewing policies and procedures, working with End Users across the Force to fully understand business and operational information security risk.
• Supporting the identification and assessment of security controls, and validate controls in place to ensure compliance.
• Carrying out assurance and accreditation activities risk assessments (including data privacy impact assessments) and giving assurance that risks across the business are understood and managed.
• You will be working to NCSC, ISO 27001, Cyber Essentials and national policing guidelines.
What do I need?
• Educated to degree level (or equivalent relevant experience)
• A relevant certification such as CISMP, and ISO 27001 auditor/implementer
• Technology and ICT background
• Customer Service and Stakeholder management experience
• Effective, pragmatic and strong negotiation skills to address and overcome problems and barriers
• Strong communication, influencing, writing, consulting and client facing skills
• Ability to bridge the gap between technical and business language to reach appropriate solutions and understand competing demands across the Force
Desirable:
• CISSP or CISM certification
• Certified Cyber Professional – SIRA and or / IA Auditor
• Experience of working in a public sector or police force environment
• Understanding of risk management processes
• CompTIA Sec+ certification
In return for your dedication and experience, we offer 23 days’ leave, excluding bank holidays, increasing to 28 days for 5 years+ service. We support our people inside and out of work – offering a very competitive pension scheme, childcare vouchers, and discounts on shopping and eating out thanks to the Blue Light Card. And to take care of your physical and mental well-being, we’ve invested in extensive paid sick leave, trained mental health first aiders on-site, an employee advice service and access to gyms in some stations.
Northumbria Police are currently undertaking a role and reward project in respect of all police staff posts. For further information please contact the Talent Acquisition team.
Vetting level:
SC Vetting (SC). Applicants must be a resident of the UK for a minimum period of 3 years to ensure vetting checks can be successfully performed. A job offer will be dependent upon vetting clearance, medical information and references.
If you have any queries with regard to the application process please contact the Talent Acquisition Team by email at careers@northumbria.pnn.police.uk
All staff including those appointed on fixed term contracts must successfully complete their probationary period before they are eligible to apply for a Northumbria Police vacancy.
Vacancy Contact: To discuss the position in more detail please contact Alistair Burdon, Information Security & Assurance Manager by email at 5332@northumbria.pnn.police.uk
Northumbria Police fully supports a policy of equal opportunities and we welcome applications from suitably qualified people from all sections of the community, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex and sexual orientation. Appointments are based on merit alone