£30,000 - £34,000
We operate on behalf of government delivering Disclosure functions in England, Wales, Jersey, Guernsey and the Isle of Man, and Barring functions for England, Wales and Northern Ireland.
We operate in the complex world of safeguarding alongside our multi agency partners. Safeguarding means protecting people’s health, wellbeing and human rights, and enabling them to live free from harm, abuse and neglect.
You will be part of a high performing Cyber Security team which ensures the secure delivery of the technology and online products that underpin our citizen facing Services. This is an exciting time to join the organisation at the start of an ambitious change journey as we build our Digital Data and Technology (DDaT) capabilities that will design, build and operate services that are critical to our vision to make recruitment safer by providing outstanding quality of service to all our customers and partners.
Secure Design covers testing and assurance to ensure that security is embedded in all stages of the technology development life cycle, integrating security tools, standards, and processes into product life cycles to ensure there is continuous monitoring through use. You will work as part of the Cyber Security team, as part of a multi-disciplined cyber security, information security assurance and data protection team, reporting to the Cyber Security Risk Analysists who provide advice on the identification and management of cyber risk and broader cyber security issues to ensure teams across DBS effectively identify and manage their cyber risk.
You will work closely with security and technical architects, the Data Protection Officer and advisors, developers, project managers and product owners along with supplier communities as part of our technical and DDaT developments to enhance and expand our technology and the digital products to deliver citizen facing services.
- Supporting the delivery of the Technology and Innovation Directorate objectives.
- Work across the organisation to ensure business areas are fully engaged with cyber security
- Play an active part as a member of the Cyber security and Data Protection team.
- Support the assessment of application resilience throughout an IT estate, generating regular application security reports.
- Work with Cyber Security Analysists and development teams to embed "secure by design" into the development life cycle and build security awareness.
- Develop processes for maintaining the security of a service through its full life cycle.
- Scope security audits in accordance with a digital service framework.
- Work with digital team to build and implement security audit points in digital services.
- Support Cyber Security Analysists in carrying out risk assessments and developing mitigations for relatively common and well-understood scenarios.
- Maintain understanding of threat environment to inform decision-making and planning.
- Maintain up-to-date understanding of all areas of security and make appropriate and proportionate use of Physical, Personnel and Cyber Security measures to protect assets.
- You will have a demonstratable passion for information and IT system security
- Working in digital or technical delivery, cyber or information risk advisory role
- Working with ISO27001, NIST, BS EN 31111, CoBIT, ISACA or other information security frameworks and standards
- Performing risk assessments and applying a range of technical, cyber, information and business risk management methodologies explaining clearly how the decision or recommendation has been reached.
- Working with accreditors or security assurance.
- Applying security or technical concepts across multiple projects or solutions
- An understanding of NCSC information security guidance and architecture patterns
- Understanding of the General Data Protection Regulation
To apply for this opportunity, please follow the 'apply now’ link where further detail on the selection process is available.