Security and Business Continuity Co-ordinatorBirmingham, West Midlands
We are looking for a Security and Business Continuity Co-ordinator to join our digital and technology team in Birmingham. As the Security and Business Continuity Co-ordinator, you will contribute to the successful delivery of outcomes across all business plan deliverables and business as usual activities which require digital and security expertise. This is a key role within the Digital & Technology team reporting to the Security & Business Continuity Manager. The role is predominantly concerned with the Commission's security and compliance, but you will also be required to advise and guide colleagues on external facing information security matters and assist with compliance in line with the Business Continuity Policy.
The Benefits:
- Salary of circa £37,000
- Civil service pension, with an employer contribution rate of 27%
- Flexible working
- Hybrid working, specific guidelines are to be agreed with line manager
- 26 days' holiday, rising to 29 days after two years' service, with the option to buy up to five days extra annual leave
Key Responsibilities:
- Assist in maintaining PCI-DSS and PSN accreditation in line with departmental or wider Government reviews and assessments.
- Engage with Business Continuity plan owners to share best practice, monitor maturity, drive accountability and promote Business Continuity by developing a Business Continuity community of interest.
- Be a point of contact on Cyber Security issues with key stakeholders, including external parties and actively develop strong working relationships in relation to Cyber Security.
- Ensure that the Cyber Security policies and security controls remain appropriate and proportionate to the assessed risks and are responsive and adaptable to the changing threat environment, business requirements and central government policies.
- Provide physical security advice to all key stakeholders to facilitate the correct integration of physical security aspects across the Commission.
- Reporting and escalating information security breaches in an appropriate and timely manner.
- Work closely with procurement to assess and monitor information security compliance and resilience of third-party suppliers.
- Maintenance and development of all policies with an information security element, including procedures and relevant standards and supporting documentation as appropriate.
- Conduct security risk assessments to established risk assessment models to best practice.
- Facilitate and supporting internal and external audit activities.
- Understanding of general information security management principles and data protection.
- Contribute to the vision, principles and strategy for security operations practices by leading colleagues across the Commission, ensuring technical, cyber and security issues are managed and remediated.
- Represent the security team at regular project meetings to manage, report and remediate information security risks.
- Deliver security awareness training (development and delivery) and induction training for all staff.
- Support the development and maintenance of the Business Continuity Management System.
- Assist in incident response and crisis management, in the event of a security breach, natural disaster, or any other emergency.
- Stay abreast of the latest security trends, emerging threats, and regulatory requirements, and proactively adapt security measures and business continuity plans accordingly.
- Develop and maintain relationships with wider public sector and industry working groups to stay informed about best practices and leverage external expertise when needed.
Person Specification:
Essential:
At least 3 years' experience in Information Security with a focus on governance, risk, and compliance.
Strong understanding of key security areas (cyber, personnel, physical, technical) and has experience in using them to protect business assets.
Self-starter, willingness to learn new skills and be self-motivated.
Strong verbal and written communications skills.
Strong understanding of IT disaster recovery processes and methodologies including knowledge of relevant standards.
About Us:
Set up under the Gambling Act 2005, the Gambling Commission is committed to safeguarding the public against any detrimental impact brought about by gambling. We do this by keeping crime out, protecting children and vulnerable people and ensuring the commercial gambling industry is run fairly and openly. We work with the legal system, the public health system, community groups and the industry itself to understand how we can protect the interests of as many people as possible, as effectively as possible.
The closing date for this role is Tuesday 18th June 2024.
PLEASE NOTE: ensure you have the right to work in the UK before applying. We are unable to provide sponsorship for visas currently.
Incomplete applications will be discounted from shortlisting. Please ensure your application is fully completed and submitted before logging out of your account.
We reserve the right to change the closing date depending on the number of responses received. Please submit your application as soon as possible to ensure it is considered in the selection process.
As the regulator of the National Lottery, there are some roles within the Commission that are prohibited from playing the National Lottery. This does not affect your family playing. We will let you know at interview if the role you have applied for is on the Prohibited List.
This vacancy is being advertised by Webrecruit. The services advertised by Web recruit are those of an Employment Agency.