Job Title: Information Security Officer
Salary: The starting salary is £71,503, which includes allowances totalling £2,841. The salary is broken down as £68,662 basic salary, which will increase annually until you reach the top of the scale, £75,638, plus a location allowance of £1,841 and a non-pensionable allowance of £1,000.
Salary: more than Spine Point 1 - Band U, and consideration will also be given to awarding an additional allowance or salary negotiation for an exceptional candidate.
Location: The primary Met Location for this role will be either Hendon, Sidcup, or Bow. Travel across the Met estate, to attend meetings as required by the business, is expected.
Job Purpose
- Fulfil the requirements of the Information Security Officer (ISO) role as described in the College of Policing Authorised Professional Practice (Information Management – Information Security Officer).
- Fulfil the requirements of the Communications Security Officer (COMSO) as described in HMG Information Standard #4 (Protective Security Controls for the Handling and Management of Cryptographic Items).
Key Role Responsibilities
- Lead the Information Assurance Unit in delivery of services and prioritisation.
- Ensure that Continuous Professional Development for professional qualifications is supported for team members including the Government Security Profession skills framework and other information security industry standards.
- Represent the Senior Information Risk Owner (SIRO) on information risk matters by providing information risk advice and assurance throughout the Met.
- Escalate information risk issues to the SIRO where necessary and appropriate, and advise the SIRO on the same.
- Work with the Head of Cyber Security, wider Digital, Data and Technology (DDAT) and other colleagues to continually develop and evidence controls in relation to the Systems Assurance for Policing (SyAP) Maturity Model.
- Manage the Security Incident Reporting function for the Met.
- Provide SME Information Assurance inputs to corporate projects and general information security advice to the organisation.
- Manage a programme of third-party information risk audits based on ISO27001 methodology.
- Ensure information and cyber security policy and associated business standards development is progressive, maintained, current and aligns with Met strategic direction, Community Security Policy, and National Cyber Security Centre (NCSC) and Police Digital Service (PDS) Standards.
- As Communications Security Officer (COMSO), ensure that Met handling, management and storage of NCSC issued Cryptographic material is compliant with HMG Information Standard #4.
- Proactively engage with the wider Met to deliver Information Security Awareness, Education and Behaviours training (and associated materials).
- Identify and champion best practice industry standard information security tooling and software.
- Chair the Information Assurance & Cyber Security Working Group.
- Represent the Met at Police Information Group (PIAG), Police Information Assurance Forum (PIAF) and other national forums where required.
Essential Criteria
- Advanced knowledge in information risk methodology and its application in operational policing environments.
- Excellent understanding of information security and risk policy, standards, and control frameworks.
- Advanced understanding of information security education and awareness best practice and communication methodologies.
- Advanced understanding of supply chain risk and the approaches to addressing those risks.
- Advanced understanding of and ability to conduct people, process and technical audit, risk and compliance reviews across the organisation based on ISO27001 Framework.
- Ability to successfully convey information risk issues in ‘business language’.
- A pragmatic and can-do approach to managing information risk.
- The ability to influence both upwards and downwards by demonstrating clear leadership.
Professional Qualifications
At least one or a combination of the following:
- ISACA Certified Information Security Manager (CISM)
- ISACA Certified Information Systems Auditor (CISA)
- ISO27001 Lead Auditor
- Information Security Analyst (NCSC/APMG Accredited)
Desirable Criteria
- Previous Management/Team Leader experience in either a Policing or Public Sector Information Assurance/Security role.
How to apply
Click the apply now button below and start your career at the Met. Applications will be via a detailed CV, Personal Statement, and online application form. Your Personal Statement should show evidence to support your suitability for this role based on the Essential Criteria stated (Personal Statement 1000 words maximum).
Completed applications must be submitted by 23:55 on 18th November 2024.