Regional Information Security and Assurance Lead (RISAL) - Greater Manchester " (Ref: 16480)

Job summary

Please refer to Job Description

Job description

Overview of the job The Regional Information Security and Assurance Officer (RISAL) sits within the Corporate Service function in the Probation Service region and reports directly to the Head of Corporate Services.They will have line management responsibility for Information Security related Project Officers within the region.

The RISAL is the link between the Probation Service region and the HMPPS Information Security Team.
The geographical base for the RISAL post can be flexible within their regional area and will require travel across the region and some work in London and other locations.Summary The RISAL is responsible for ensuring compliance across all Probation Service units within the region with all Information Security Policy Framework requirements and ensuring all quarterly and annual departmental returns are completed and submitted in an accurate and timely manner on behalf of the Regional Probation Director who is the Information Asset Owner.As the Subject Matter Expert, the RISAL will be required to lead investigations into all security incidents and breaches and report their findings and recommendations in full to the commissioning manager.

The RISAL will chair and manage the Regional Information Assurance Committee and will have a seat on the National Information Management Programme Board chaired
by the Business Strategy and Change Lead.Responsibilities, Activities & Duties The job holder will be required to carry out the following responsibilities, activities and duties:• As Subject Matter Expert, the RISAL will be the Lead investigator into information security incidents and data breaches. They will lead investigations into how incidents occur and report their findings to the commissioning officer and will give evidence when required, such as disciplinary hearings. The RISAL is responsible for ensuring all recovery actions, both for individuals and for the Service, following an incident are completed and that lessons are learned and shared to avoid future incidents across the region. They will update local policy and best practice guidance to reflect any lessons learned. The RISAL will also be the Regional Point of Contact for any investigations arising from the Information Commissioners Office ( ICO).
• The RISAL is responsible for adapting and regionalising the National Information Security Policy Frameworks into a robust and embedded local policy to deliver key milestones. Through collaboration and consultation with senior leaders across the region the RISAL will ensure the policy is implemented and embedded. The RISAL will be the driver, on behalf of the Regional Probation Director, for culture change around all aspects of the Information Security Policy Framework and Information Risk, delivering best practice.
• The RISAL will routinely undertake compliance visits across all sites in the region and will be responsible for developing and managing the Regional Risk Register appropriately, managing any emerging risks providing assurance and escalating risk where required to Regional Probation Director or HMPPS Information Security. They will identify and agree any necessary recovery actions with the site
lead and monitor progress through to completion.
• Cabinet Office commission completion of an annual information security compliance statement, (Departmental health check), across Government. The RISAL is responsible for ensuring the ongoing departmental health check is completed on behalf of the Regional Probation Director, within a timely manner as stipulated by HMPPS Information Security. The RISAL will be required to understand any areas of deficiency within the Region and implement a robust strategy to improve levels of compliance across the Region.
• Provide technical expertise to ensure the Regional Probation Director and Senior Leadership Team understand their responsibilities as Information Asset Owner and Information Asset Custodians.
• Provide a monthly status report on Security Incidents/Breaches, to the Senior Leadership Team, including trends and risks analysis and demonstrating actions and mitigations the RIASL has completed and any further required recommendations for controls and mitigating actions.
• Provide technical advice and guidance to Heads of Departments to ensure the correct information is gathered to develop accurate Information Sharing Agreements (ISAs) with 3rd party providers and charities. The RISAL will be responsible for approving all ISAs on behalf of the Regional Probation Director.
• The RISAL will have line management responsibility for any Project Officer resource in the region that has been allocated to the information assurance ambitions of the region. They will be responsible for oversight of their work, formal line management of individuals, management of capability and performance, development of individuals, and day to day supervision of project officers.
• Leading on a culture change programme in the Region to ensure a positive Information Management culture is embedded across the Probation Service region making all staff are aware of best practice and their individual responsibility for information security; the RISAL will employ a range of approaches including developing and issuing bulletins to highlight key messages on lessons learned and shared best practice and innovative strategies to maximise impact.
• Develop and deliver training and awareness sessions on Information Security and Information Risk Policies and/or best practice and lessons learned.
• As Subject Matter expert, the RISAL is required to have an in-depth and current knowledge of all MoJ/HMPPS Information Security and Risk Management policies, and National legislation, i.e. UK GDPR. This will also include in-depth knowledge and understanding of trends as identified by the Information Commissioners office (ICO) . The RISAL will also be required to understand the role of the National Cyber Security Centre (NCSC) and how they support the work of HMPPS and other government departments.
• Direct and drive the quarterly Regional Information Assurance Committee on behalf of the Regional Probation Director and attend the monthly National Information Assurance forum to represent their region, they will be responsible for disseminating information regionally and engaging with leaders across the region where there are actions to implement, including the RISAL updating their Local Information Security Policy Framework and, where applicable, the Regional Information Assurance Registers.
• Responsible for ensuring all required Information Sharing Agreements are in place and are recorded in the relevant systems. Own and maintain the ISA database for the region, undertaking routine quality assurance of the ISAs included on the database, providing reports to senior leadership team and HMPPS Information Security team as required and commissioned.
• The RISAL will be required undertake stakeholder engagement across HMPPS, MoJ, other Government agencies and 3rd party suppliers. This will be to ensure that data is being shared and managed appropriately.

The duties/responsibilities listed above describe the post as it is at present and is not intended to be exhaustive. The job holder is expected to accept reasonable alterations and additional tasks of a similar level that may be necessary. Significant adjustments may require re-examination under the Job Evaluation Scheme and shall be discussed in the first instance with the job holder.

Person specification

Please refer to Job Description

Behaviours

We'll assess you against these behaviours during the selection process:

• Making Effective Decisions
• Working Together
• Leadership

Benefits

• Access to learning and development
• A working environment that supports a range of flexible working options to enhance your work life balance
• A working culture which encourages inclusion and diversity
• A Civil Service pension with an employer contribution of 28.97%
• Annual Leave
• Public Holidays
• Season Ticket Advance

For more information about the recruitment process, benefits and allowances and answers to general queries, please click the below link which will direct you to our Candidate Information Page.

Link: https://justicejobs.tal.net/vx/candidate/cms/About%20the%20MOJ

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Strengths and Experience.https://justicejobs.tal.net/vx/candidate/cms/About%20the%20MOJ

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : SSCL Recruitment Enquiries Team
• Email : moj-recruitment-vetting-enquiries@resourcing.soprasteria.co.uk
• Telephone : 0345 241 5358

Recruitment team

• Email : moj-recruitment-vetting-enquiries@resourcing.soprasteria.co.uk

Further information

Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. If you feel a department has breached the requirement of the Recruitment Principles and would like to raise this, please contact SSCL (Moj-recruitment-vetting-enquiries@gov.sscl.com) in the first instance. If the role has been advertised externally (outside of the Civil Service) and you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission please visit their web pages: http://civilservicecommission.independent.gov.uk/civil-service-recruitm…

https://jobs.justice.gov.uk/careers/JobDetail/16480?entityId=16480