Information Security Analyst

On behalf of the Cabinet Office, we are looking for an Information Security Analyst (Inside IR35) for a 5-Month contract based Hybrid in London, Bristol or Manchester.

Reporting to the Cyber Transformation Manager, the post holder will be responsible for leading on cyber and information security risk assessments across the Department and its Business Units. The assessments include understanding the Department's alignment to the NCSC Cyber Assessment Framework (CAF) and the related HMG standards.

The post holder will work within a cyber transformation programme but alongside the Central Cyber and Information Security team in delivering against agreed deadlines whilst maintaining all aspects of information security risk management.

SC Clearance is an essential requirement for this role, as a minimum you must be eligible and willing to undergo these checks.

As an Information Security Analyst your main responsibilities will be to:
* Support the Information Security and Assurance Manager in delivering the Information Security.
* Support continuous improvement for information security practices and engagement.
* Lead the development and enhancement of cyber security risk management practices. This will include the development of methodologies, and processes as well as leading their adoption across the department.
* Develop and implement processes to scale up the assessment of compliance against internal security policy as well as external requirements such as GovAssure.
* Evaluate and assess cyber security controls across the business engineering practices and its third-party vendors to ensure compliance with the NCSC CAF.
* Conduct comprehensive risk assessments using the NCSC CAF.
* Collaborate with cross-functional teams to develop and implement risk management activities.
* Use risk management techniques to identify cyber threats, risks and issues in a timely manner.
* Be proficient in threat modelling methods and familiar with tooling practices in threat modelling.
* Support the creation and maintenance of security policies, guidance and standards.
* Support the creation and collection of metrics, validation of security control performance and the identification of emerging cyber risks.

Essential:
* Sound knowledge of and experience in an Information Security or Security Governance Risk & Compliance (GRC) role.
* Experience authoring tailored policy and process documentation.
* Experience working in a professional services environment.
* Hands-on experience conducting cyber risk assessments and developing cyber risk mitigation strategies.
* Proficiency in conducting cyber security control assessments.
* Hands-on knowledge and experience working with recognised security frameworks such as, NCSC CAF, ISO27001, ISO 27005, ISO 31000, NIST 800-53.
* Strong interpersonal and communication skills (written and verbal), with the ability to interact with technical and non-technical stakeholders at all levels.
* Ability to acknowledge and respond positively to exceptional events in information security to meet business objectives.
* SC cleared minimum or BPSS but willing to undergo SC clearance.

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident

As a member of the Disability Confident Scheme, The Cabinet Office guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply.

Armed Forces Covenant

The Cabinet Office guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".