Register  |  Log In  |  Contact Us

Information Security Manager (Governance)

HM Revenue & Customs
Contract Type
Defence & Security, IT
Expiry Date
22/02/2018 09:25:00
Location: SalfordContract type: PermanentClosing date: 22/2/18Within HMRC, our digital division is called CDIO (Chief Digital Information Officer Group) and has a number...

Job Description

Location: Salford
Contract type: Permanent
Closing date: 22/2/18

Within HMRC, our digital division is called CDIO (Chief Digital Information Officer Group) and has a number of internal delivery groups all working towards our digital transformation. The delivery group in which this vacancy sits, is called Data Engineering; this delivery group provides data analytics and reporting services for the whole of HMRC across legacy and new systems, with a focus on investing in future technologies to create the most digitally-advanced tax authority in the world. Data Engineering provides support to HMRC’s Hadoop-based Enterprise Data Hub (EDH) services, is primarily based in Manchester and also has a presence across sites in London, Southend and Telford. 

We now have a new and exciting Information Security Manager role within Data Engineering. 

Operating complex services such as these across multiple UK locations requires a comprehensive security policy framework to be established and maintained for DE that aligns with both corporate security policy and project specific security operating procedures. 

Your knowledge of the Government Classification Scheme at and above OFFICIAL is imperative in being able to develop, implement and maintain that security policy framework and drive DE towards the strategic goal of becoming ISO 27001 certified. As an information security manager within DE, it will be your responsibility to gain and maintain that certification which is a fantastic opportunity for anyone working in this industry sector. 

 You will: 

• Gain and maintain ISO 27001 security assurance of the DE service offering
• Act as the focal point within DE for the development, maintenance and awareness of an information security policy framework aligned to all of DE services and corporate security policies
• Ensure that assurance reviews (compliance assessments) are conducted at their defined timescales; including both internal and external reviews 
• Be responsible for security across all DE locations, including those operating above OFFICIAL ensuring that risks are identified and treated appropriately; build a network of DE Local Security Officers in support of this objective
• Be responsible for security across all operational DE services ensuring that risks are identified and treated appropriately
• Provide advice and guidance on security strategies to manage identified risks across all locations/services and ensure adoption and adherence to standards 
• Investigate breaches of security and recommend appropriate control improvements
• Maintain close working relationships with key internal and external stakeholders including corporate HMRC security (and other shared services), Human Resources, Legal, Outsourced Service Suppliers and Internal Support teams
• Build, maintain and measure an active security awareness programme that engages staff and ensures our delivery group remains compliant 
• Lead on gaining support and understanding for the subject of information security across the delivery group at all levels
• Develop and implement specific training materials on information security subject matters. 
• Make information security more accessible to development teams and raise the profile of the security function

Essential skills and experience: 
  • Proven experience in developing, implementing and maintaining security policy across the spectrum of physical, personnel, procedural and technical security
  • Knowledge and experience of ISO 27001 implementation
  • Must hold or be willing to undertake SC clearance. 
 Desirable skills and experience: 

       • Experience in operating within HMG security frameworks e.g. SPF, JSP-440, etc. 
       • Experience of implementing security policy above OFFICIAL. 

If you are interested in this role, please apply and should your skills and experience match the above job spec, a HMRC recruiter will be in touch with you. For further information regarding the role, it is also advertised through Civil Service Jobs.
Register and Apply
Log In and Apply

Please fill in the form, upload your CV to complete your application. You will also register during this process to enable you to log in track you application and setup Job Alerts.

How did you find us?*
Profile Options
By submitting this form you agree to our terms of use
Register & Apply