Lead Cyber Security Analyst

ABOUT THE JOB

To be responsible for the provision of security operations and the compliance of Police Scotland and the Scottish Police Authority’s (SPA) ICT against nationally recognised security standards.

This includes responsibility for the Security Operations Centre and the real-time alerting and monitoring of the associated cyber defences, the auditing of Police Scotland and SPA systems and data, and reporting against agreed standards and benchmarks to ensure the continued confidentiality, integrity and availability of Police Scotland and SPA data.

Key duties of the role are to manage, provide direction and act as the key escalation point to a team of Cyber Analysts and Auditors with duties including:

· Responsible for ensuring cyber security incident response capabilities to the organisation are managed and maintained

· Use of complex ICT tools and process to undertake the proactive monitoring of cyber threats and associated intelligence, to identify and remediate security vulnerabilities, and thereby reduce associated organisational risk

· Responsible for ensuring agreed security standards, policies and procedures are adhered to in relation to ICT systems and services implemented within Police Scotland and SPA

· Be responsible for the operation, management and development of the Security Information and Event Management (SIEM) solution and related security technologies

· Assist with the management and execution of the annual Cyber Essentials+ and IT Healthcheck (ITHC) certification process and associated remediation activities  Responsible for the management of a regular audit schedule using a number of complex technical tools to identify vulnerabilities across applications, systems and infrastructure

· Responsible for the mitigation of identified vulnerabilities to ensure Police Scotland security accreditation is maintained

· Manage internal audits, investigations, Freedom of Information (FOI) and General Data Protection Regulation (GDPR) requests

· Be responsible for the reporting of audit findings and resolution to senior stakeholders within the organisation

· Be responsible for developing security recommendations to senior management based on audit findings, in order to enhance and improve operational delivery and security

· Own / be responsible for the remedial action / risk reduction plans that result from security audits, cyber exposures and security assessments

· Support the Cyber Security & Assurance Manager in the development of relevant strategies and policies

To help plan and develop Police Scotland and SPA’s security model, including working closely with Information Management to create an efficient accreditation process, and assisting ACU and PSD with internal confidential investigations as required.

To promote and develop continuous improvement to processes within the remit of this team, providing leadership and guidance to team members and supporting / deputising for the Cyber Security and Assurance Manager where required.

This post is flexible across Scotland

ABOUT YOU

You will be Educated to Degree level in a technical discipline with ISMS knowledge - ISO 27001 & 27002, NIS, NIST. Or, equivalent demonstrable experience in security standards

You will have experience of working flexibly, whilst under pressure, to deliver agreed milestones; experience of producing excellent communications both verbal and written, with excellent soft skills and the ability to influence; Experience in managing a team of staff; and experience in chairing meetings

You will have advanced Technical skillsets and knowledge of security products and technologies including Security Information and Event Management (SIEM), Anti-Malware, Proxies, Endpoint Detection and Response (EDR), Intrusion Detection\Prevention (IDS\IPS), Multi-Factor Authentication, Vulnerability Management and Firewalls; strong negotiation and influencing skills; highly developed analytical and problem solving skills; the ability to focus on complex problems for extended period of time; and excellent planning, prioritisation and organisational skills.

This full time post is permanent and requires Management Level and Security Clearance Vetting. You will work 35 hours per week, Monday-Friday, 9am-5pm.

The following competencies at level 2 will be used for the selection process:

We are emotionally aware

We take ownership

We are collaborative

We deliver, support and inspire

We analyse critically

We are innovative and open minded

BENEFITS

- Competitive salary and guaranteed allowances

- Annual salary increments

- Local Government Pension Scheme

- 28 days annual leave and 6 public holidays on appointment

- Wide range of family friendly policies

- Employee Assistance Programme

- Access to range of staff associations

- Scottish Police Recreation Association

- Scottish Police Credit Union

- Cycle to Work Scheme

Please find below a list of our ICT locations throughout Scotland. Candidates can discuss their preferred location at interview. The location however cannot be guaranteed and is subject to space being available.

• Aberdeen, Nelson Street

• Dumfries, Cornwall Mount

• Dundee, Rushton Court

• Edinburgh, Bilston Glen

• Edinburgh, Fettes Ave

• Glasgow, Dalmarnock

• Glasgow, FCTC Complex, Helen Street

• Glenrothes, Detroit Road

• Inverness, Perth Road

• Scottish Crime Campus, Gartcosh

• Scottish Police College, Tulliallan

• Stirling, Randolphfield

INTERVIEW GUARANTEE

The Scottish Police Authority / Police Scotland is committed to positive action in the recruitment and selection of people with disabilities. We guarantee an interview to any applicant who has a disability, as defined under the Equality Act 2010, and who meets the essential criteria for the post. Please regard this as an opportunity to let us help you. Tell us of any aspects which could present difficulties and any suggestions for overcoming these.

RESIDENCY AND ELIGIBILITY TO WORK IN THE UK

Applicants must be a British citizen, a member of the EU or other states in the EEA, a Commonwealth citizen or a foreign national free of restrictions. You should also have been resident in the UK for a minimum of five years immediately prior to application.

TO APPLY

Please visit the Police Scotland Career Site for Job Reference Number - 1067