Join Police Digital Service as PDS Information Security Officer - Starting at £55,000pa

About Police Digital Service

To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that will enable them to adapt to and deal with the complexity of modern criminality.

Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. Our team provides technical advice and delivers services to help policing and law enforcement organisations across the UK prioritise and focus on technology efforts.

Key Responsibilities

• Support the delivery of the Information Security Management System (ISMS), including the governance, risks & issues and compliance returns for National Policing.
• Maintain Security Policy framework, working with stakeholders to ensure that Information Security related Policies, Procedures and Standards are up-to-date and available as required.
• Lead the management of information security risks to drive operational capability that supports the strategic cyber aims of PDS. Including appropriate controls, mitigations and risk treatment plans, ensuring they are up to date, relevant, aligned to standards/guidance and meaningful to the business. Produce relevant risk reports and metrics to communicate risks to relevant stakeholders, both internally and externally.
• Lead and implement actions from the communications strategy, including the delivery of training and education to influence and raise awareness of good information security management practice across the organisation.
• Support the management of security incidents, assisting in the provision of security advice and solutions to minimise further risk and reduce the impact. Manage the security incident reporting process, escalating when required and briefing to senior leaders.
• Lead and maintain relationships with the Business Units on our tenant, and other partners/customers, promoting good security practices and assessment of risk.
• Support the management of information security asset and cyber service inventories in relation to information security.
• Assist in the assessment of intelligence, threats to, and vulnerabilities of; information systems and assets. Liaise with key business areas to ensure a cohesive approach to the implementation of proactive activities such as IT Health Checks, remediation activities, compliance audits and personnel control measures.
• Provide support on PDS audit activity (internal and external) including collation and provision of evidence for annual ISO 27001 audits.

Essential:

• Proven IT/Information security and risk management in large organisations with complex security and compliance requirements
• Production of/or input to policy, process and procedural documentation
• Supporting the design, implementation and operation of security controls
• Defining and/or implementing security controls across multiple layers of the IT architecture stack
• Developing strong working relationships with a number of stakeholders
• Implementing/running security processes aligned to information and cyber security governance frameworks
• Non-police personnel vetting and Security Check will be required and must be maintained during tenure. Will be required to sign Official Secrets Act