Search
Header navigation
Security and Information Risk Advisor (2919)

Security and Information Risk Advisor (2919)

Scottish Government
remoteHybrid
ExpiresExpires: Expiring in less than 3 weeks
IT
Full time
£47,730 - £57,151 per year

Job summary

Join us as an IT Security and Information Risk Advisor (SIRA) within Scottish Government’s Cyber Security Unit (NCSR), where you’ll play a key role in protecting our digital services, helping ensure they remain secure, resilient, and well‑positioned to respond to evolving cyber threats.

As a valued member of the team, you will play a crucial role in helping the Scottish Government and service owners develop policy and apply standards, manage cyber and information risk, identify mitigations, and obtain assurance and compliance.

In this role you will help system owners, projects, and procurements understand, assess, and manage cyber and information risks, ensuring systems and data stay secure and compliant. Providing clear, practical advice to support risk-based decisions you will help build resilience against evolving threats from both inside and outside the organisation.

Job description

  • Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Carry out assessments to identify and define security requirements that enable business operations, ensure regulatory compliance, and align with strategic objectives.
  • Undertake Cyber Security related risk assessments and business impact analysis, conduct threat assessments, carry out threat modelling, and other risk management activities on complex information systems.
  • Contribute to development of information security policy, standards, and guidelines.
  • Interpret information assurance and security policies and applies these to manage risks.
  • Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards, and guidelines.
  • Provide advice to validate the effectiveness of risk mitigation measures, including an understanding of how to use different assurance activities (such as a pen test) and make recommendations for improvement and support information assurance assessments.
  • Communicate with internal and external stakeholders at all levels of technical ability, on high risk or complex topics or under constrained timescales.

Person specification

Success Profile

Success profiles are specific to each job, and they include the mix of experience, skills and behaviours candidates will be assessed on.

Experience:

  1. Lead Criteria 1: Demonstrable IT‑related knowledge and skills to identify appropriate security solutions, with awareness of how security architecture supports integrated solution design.
  2. Lead Criteria 2: Experience managing internal and external cyber security risks to IT systems, services, and data storage, particularly within digital cloud environments.
  3. Experience advising on security standards (ISO27001, Cyber Essentials, CAF & GovAssure, HMG GovS 007, NIST, PCI DSS).
  4. Experience working across multiple stakeholder groups (including senior officials, customers, suppliers), with good written and verbal communication skills.

Experience is assessed at sift, along with a more in-depth assessment at interview.

Technical Skills:

This role is aligned to the Security and Information Risk Advisor and General Security and Information Risk Advisor within the Cyber Security and Information Assurance.

You can find out more about the skills required, here.

These skills are assessed by technical assessment, designed to represent the role. Candidates reaching this stage will receive a Technical Assessment Candidate Pack which outlines the specific skills to be assessed, plus the method of assessment.

Behaviours:

  • Delivering at Pace (Level 3)

You can find out more about Success Profiles Behaviours, here.

Behaviours are assessed at interview. Full details will be shared in advance with all candidates invited to this stage.

Benefits

Alongside your salary of £47,730, Scottish Government contributes £13,827 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • A Civil Service pension with an employer contribution of 28.97%

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

Apply online, providing a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet each of the four Experience criteria listed in the Success Profile above.

Candidates will have their applications assessed against all Experience criteria. If a large number of applications are received an initial sift will be conducted on the Lead Criteria highlighted above. Candidates who pass the initial sift will have their applications fully assessed against the remaining Experience criteria.

Artificial Intelligence (AI) tools can be used to support your application, but all statements and examples provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, and presented as your own) applications will be withdrawn and internal candidates may be subject to disciplinary action.

Please see our candidate guidance for more information on acceptable and unacceptable uses of AI in recruitment.

If invited for further assessment, this will consist of an in-person interview and DDaT Technical assessment where the behaviours, experiences and technical skills outlined in the Success Profile will be assessed.

The sift is scheduled for w/c 13/04/2026.

Interviews and DDaT Technical assessments are scheduled for w/c 27/04/2026, however these may be subject to change.

Recruitment Principles

As a government organisation, we adhere to the Civil Service Commission Recruitment Principles and we investigate any complaints received in relation to recruitment cases.



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

Recruitment team

Salary range

  • £47,730 - £57,151 per year