Details
Reference number
437251
Salary
£44,241
This role is part of the Government Digital and Data Profession, and the role attracts a Digital and Data allowance of up to £14,756, subject to an assessment of your skills and experience during the interview process
A Civil Service Pension with an employer contribution of 28.97%
GBP
Job grade
Senior Executive Officer
Contract type
Permanent
Business area
MCA - Information Technology
Type of role
Information Technology
Knowledge and Information Management
Risk Management
Security
Working pattern
Flexible working, Full-time, Job share, Part-time
Number of jobs available
1
Contents
* Location
* About the job
* Benefits
* Things you need to know
* Apply and further information
Location
Southampton
About the job
Job summary
Information Security is the practice of assuring the security, confidentiality, integrity and availability of all MCA assets (information, technology, people, systems, equipment) throughout the MCA and its suppliers.
This role is part of the Compliance & Risk team, within Information Security, providing internal assurance services around Government Security Standard compliance, the MCAs Information Security Management System (ISMS) compliance and Information Security threat and risk management processes for all asset types, in line with strategic objectives.
The Maritime and Coastguard Agency (MCA) implement the government's maritime safety policy in the United Kingdom and works to prevent the loss of life and occurrence of pollution on the coast and at sea.
Safer lives. Safer Ships. Cleaner Seas.
Our vision is to be a world-leading organisation, accelerating the transition to sustainable shipping with non-negotiable safety standards. We put our people, our customers and our planet at the heart of everything we do.
We are committed to giving all our colleagues purpose, professionalism and pride in what we do. We work in supportive, diverse and inclusive teams.
We want everyone to feel valued and supported to achieve their potential at MCA.
This culture of inclusion is underpinned by our staff networks groups covering, Women's, LGBTQI+, Race, Carers, Mental Wellbeing and volunteer Respect Ambassadors.
Job description
The Information Security Compliance and Risk Specialist will:
* Develop & maintain the MCA's Information Security Management System (ISMS) and all underpinning documentation, including stakeholder engagement & compliance checks.
* Be responsible for the delivery of information security risk management processes, across all asset types, providing risk-based advice & guidance to asset owners across the business and carrying out regular reviews of the MCA's risk/threat landscape.
* Be the coordinator for annual compliance reviews and audits, managing the implementation of remediation action.
* Managing the development & delivery of the security training and awareness plan for the business.
For further information about the role and responsibilities, please see the attached role profile.
Person specification
About You
You will need the following experience:
* Experience in the development, maintenance and management of policies and processes.
* Experience in risk management including communicating risk to technical and non-technical stakeholders, of varying levels, through varying mediums.
* Experience in threat analysis including context, identifying existing or emerging threat to assets and using that to inform security decisions.
* Strong understanding of a range of security standards/regulations (e.g. ISO 27001, NIST 800, GovS007, UK GDPR etc) across all areas of information security, and how these can be applied to deliver effective/appropriate/proportionate controls across all areas to minimize impacts of security incidents.
* Experience of building relationships and influencing stakeholders, working collaboratively and inclusively, sharing information and knowledge to achieve common aims.
Additional Information
This role will be based in the Southampton HQ. MCA supports flexible working and operates a hybrid working model between home and office for this role, giving you greater flexibility over where and when you work.
The expectation is that you will spend a minimum 60% of your working time based at your principal workplace or out on official business. Details of the arrangement will be discussed further with your line manager.
There may be a requirement for occasional travel on official duty within the UK, which may involve overnight stays. Notice will be given prior to travel.
Digital and Data Profession Pay Framework
This role is part of the Government Security Profession and aligns to the Cyber Security Governance & Risk Management role - Associate Level, utilising an enhanced Capability–Based Pay Framework which provides access to a Digital and Data allowance.
The base pay is £44,241. In addition to this, the role includes a Digital and Data allowance of up to £14,756.
The value of allowance awarded will be based on an assessment of your skills and experience as demonstrated through the selection process.
Behaviours
We'll assess you against these behaviours during the selection process:
* Working Together
* Communicating and Influencing
* Changing and Improving
Technical skills
We'll assess you against these technical skills during the selection process:
* Information Risk Assessment & Risk Management (Skill Level: Practitioner)
* Applied Security Capability (Skill Level: Practitioner)
* Protective Security (Skill Level: Working)
* Threat Understanding (Skill Level: Working)
Benefits
Alongside your salary of £44,241, Maritime and Coastguard Agency contributes £12,816 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
* Learning and development tailored to your role
* An environment with flexible working options
* A culture encouraging inclusion and diversity
* A Civil Service pension with an employer contribution of 28.97%
Things you need to know
Selection process details
This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.
This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.
As part of the application process, you will be asked to complete a CV. Further details around what this will entail are listed on the application form.
Within your CV please demonstrate your knowledge and experience of:
* Developing, maintaining and managing policies and processes (ideally in the security sector)
* Risk management including communicating risk to technical and non-technical stakeholders, of varying levels, through varying mediums.
* Threat analysis including context, identifying existing or emerging threat to assets and using that to inform security decisions.
* Security standards/regulations and how these can be applied to deliver effective/appropriate/proportionate controls across all areas to minimise impacts of security incidents.
For this recruitment campaign we will be working with TRIA Consulting (our recruitment partners) please can all applications be submitted via their website. Click here to view their website
The sift is due to take place from the 2nd and 3rd of December
Interviews/assessments will take place from the 9th, 11th and 12th of December.
This interview will be conducted via face to face at our Southampton office. Further details will be provided to you should you be selected for interview.
We will try to meet the dates set out in the advert. There may be occasions when these dates will change. You will be provided with sufficient notice of the confirmed dates.
The selection process will be designed specifically for the role. As a result, your assessment will include:
* An interview.
* A presentation.
You're encouraged to become familiar with the role profile, as you may be assessed against any of the criteria recorded within.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .
See our vetting charter .
People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
This job is broadly open to the following groups:
* UK nationals
* nationals of the Republic of Ireland
* nationals of Commonwealth countries who have the right to work in the UK
* nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
* nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
* individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
* Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles .
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy .
Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.
Contact point for applicants
Job contact :
* Name : Greg Swayne
* Email :
Recruitment team
* Email :
Further information
If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, in the first instance, you should contact Government Recruitment Services via email: If you are not satisfied with the response you receive from the Department, you can contact the Civil Service Commission: Click here ) to visit Civil Service Commission