Role: Security and Information Risk Advisor
Contract Length: Approximately 4 months, with possibility of extension
Location: Hybrid/Edinburgh or Glasgow - regular on-site attendance
IR35: Inside
Pay Rate to Intermediary: £625 per day
Security Clearance: Disclosure Scotland
Spinwell is recruiting for a Security and Information Risk Advisor for an excellent opportunity within the public sector.
RESPONSIBILITIES OF THE SECURITY AND INFORMATION RISK ADVISOR
- An experienced Security and Information Risk Advisor (SIRA) is required to provide expertise to teams for risk identification, analysis, evaluation and treatment and to develop, operate, maintain and improve the organisation’s ISMS.
- They shall be responsible for providing information security expertise to projects and personnel to ensure compliance with client policies, processes, applicable legislation and regulation, and relevant international standards.
- The assigned contingent worker will operate in a non-technical security role as the primary conduit for business teams and functional leads for advice and guidance on all matters relating to Information Security Risk and Assurance.
- They will combine an expert understanding of information security risk and assurance, its tools and methods, with excellent stakeholder engagement and customer focus.
- They will engage with non-technical and technical stakeholders to communicate the requirements of our information security standards and policies, foster understanding of threats and controls, negotiate improved security outcomes, and conduct assurance activities.
- They will also contribute to the improvement of our policies, processes and controls, to raising the security awareness of our colleagues, and to providing management reporting.
SKILLS/EXPERIENCE OF THE SECURITY AND INFORMATION RISK ADVISOR
The successful candidate will have a strong understanding of, and background in, technical and non-technical information security and risk, and the ability to engage with management and technical/non-technical SMEs for the successful implementation and operation of the ISMS and its associated deliverables.
The candidate will have knowledge including (but not limited to):
- Identification, assessment and management of risk
- Security assurance and the measurement of controls
- Creation of ISMS and IT Security documentation (Policies, Standards, Processes, Procedures and Patterns)
- Internal and Third-Party Audits
- Risk and threat modelling
- Compliance and Assurance Activities
- Business process analysis and mapping (to determine alignment against agreed industry practice and recognised control frameworks)
The candidate will hold the following certifications/qualifications or equivalent:
- Certificate in Information Security Management Principles
- Certified Internal Auditor of Management Systems
If you are a Security and Information Risk Advisor, apply now or send your CV to Spinwell!
We welcome all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Applying to this or any other vacancy advertised by Spinwell Ltd constitutes an agreement for Spinwell Ltd to hold your details for 24 months for the purpose of assessing suitability for the advertised position and to make you aware of any other positions deemed suitable, of which we will make you aware by means of either email, text or phone. In line with GDPR regulations, you are able to request your details be removed from the company data at any time by emailing us