Enterprise Security Risk Manager Department for Work & Pensions
Reference
1604859 Enterprise Security Risk Manager
Number of vacancies
2
Location
Blackpool, Manchester, Leeds, Newcastle, Sheffield or London
Salary
See Job Description for Details
Work hours
37
Employment type
Permanent
Job benefits
A brilliant Civil Service pension with employer contributions circa 20%, generous annual leave, flexible working, great work-life balance and lots more.
Closing date
19 November 2018
Job description
Senior Enterprise Security Risk Manager and Enterprise Security Risk Manager, DWP Digital:
If you’re creative and curious to learn, want to be empowered to make decisions and challenge the norm, and want to bring BIG ideas to a MASSIVE digital challenge then you’ll love it here. And we’d love to hear from you.
We’re looking for talented Senior Enterprise Security Risk Managers and Enterprise Security Risk Managers to join our growing community of experts and become a key part of one of the biggest and highest-profile digital transformation programmes in the world.
Using fresh ideas and leading edge technologies – and putting the user at the centre of everything we do – we create innovative digital solutions that make a difference to the lives of our 22 million users.
You and your role
DWP is at the forefront of risk-based security within Government and is the first department to adopt a Governance Risk and Compliance methodology as well as leading on the tranches of the Transformed Security model in HMG.
Senior Enterprise Security Risk Manager essential skills:
- Certified in Risk and Information Systems Controls (CRISC), or equivalent risk management qualifications, and/or proven knowledge of risk management – identification, assessment, risk response and mitigation, control monitoring and reporting.
- ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated) and experience of undertaking information assurance reviews such as ISO27001 assurance.
- Knowledge and experience in the design, implementation, and/or operation of enterprise scale GRC programmes and IT security risk management frameworks or capabilities, ideally within a large government or complex large multi-supplier organisation or GRC Certified Professional GRC (P) level certification.
- Certified Information Systems Security Manager (CISSP), Certified Information Security Manager (CISM), or an equivalent security qualification.
Enterprise Security Risk Manager essential skills:
- BCS Certificate in Information Security Management Principles (CISMP), or equivalent qualification, or equivalent knowledge, or equivalent experience of physical, technical and environmental security controls, information security management, information risk, people controls, software development/lifecycle, disaster recovery, investigation forensics and cryptography.
- Certified in Risk and Information Systems Controls (CRISC) or equivalent risk management qualifications, and/or proven knowledge of risk management – identification, assessment, risk response and mitigation, control monitoring and reporting.
- A good knowledge of risk management frameworks, enterprise scale GRC programmes, and risk management best practice. GRC Certified Professional GRC (P) level certification.
- ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated).
Where You’ll Work
You’ll join us in one of our easy-to-reach digital hubs in Leeds, London, Newcastle, Sheffield, Blackpool or Manchester.
Each of our hubs is a modern, vibrant workplace that was designed for and by members of our digital community. Our central hubs have the best of the city on the doorstep, and we have a range of facilities across the sites from cafes, coffee shops and restaurants, to ping pong, a swimming pool, gym facilities and loads more.
Here we provide the latest tech and tooling and foster a collaborative culture to help our agile, multidisciplinary teams think big and try new things. You will work alongside people who care passionately about public service, making a difference and delivering for our customers.
We’re the UK’s biggest government department with over 80,000 diverse and brilliant people on our team. We are an equal opportunity employer and we welcome applications regardless of age, gender, race or sexuality.
Our Offer
Enterprise Security Risk Manager salary: £33,283 – £39,087 (National) and £37,663 – £43,270 (London). An additional recruitment and retention allowance (RRA) of up to £7,000 may be paid for exceptional candidates depending on qualifications, certifications and experience.
Senior Enterprise Security Risk Manager salary: £46,915 – £57,275 (National) and £51,587 – £62,146 (London). An additional recruitment and retention allowance (RRA) of up to £7,000 may be paid for exceptional candidates depending on qualifications, certifications and experience.
We also have a broad benefits package built around your work-life balance which includes:
- Flexible working
- Family friendly policies
- Volunteering and charitable giving
- Discounts and savings on shopping, fun days out and more
- Interest-free loans to buy a bike or a season ticket, so it’s even easier for you to get to work and start making a difference
- Sports and social activities
- And lots more
Building Our Future
We believe the work we do really matters, so we’re serious about investing in your ability.
You’ll have access to a huge suite of training and learning opportunities to complement the new skills and experience you’ll acquire on the job. You’ll share ideas with colleagues from across the tech community, and grow your skills via our coaching and mentoring programmes.
For further information click apply or contact CHRIS.HUSTON@DWP.GSI.GOV.UK.
Your contact will act as an expression of interest, and we will quickly get back to you with a full job description and details on how to formally apply.
The deadline for receipt of formal applications is 19/11/2018