
Senior Information and Cyber Security Officer (Closing Date - 05/28/2025)

Glasgow, United Kingdom
Security Architect Cyber Security Engineer Security Engineer Information Security Leader Security Analyst
Social Security Scotland
Actively hiring

hackajob is partnering with Social Security Scotland to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.

Senior Information and Cyber Security Officer (Closing Date 28/05/2025)

  • Locations Glasgow, United Kingdom Dundee, United Kingdom (Hybrid)
  • Minimum Annual Salary £45,894
  • Maximum Annual Salary £54,952
  • Pay Supplement £5,000
  • Working Pattern Full Time
  • Number of Openings 1
  • Apply Before 05/28/2025, 01:55 AM

Are you ready to lead the way in safeguarding social security services and making a real difference? Join our Digital Risk and Security team as a Senior Information and Cyber Security Officer, where your expertise will assist in shaping the future of Security Risk and Assurance within Social Security Scotland.

As a key member of the Digital Risk and Security branch, you will play a pivotal role in advancing our ambitious Security, Risk and Assurance programme. Our branch is divided into two areas: Security Operations, which handles cyber operations and cloud security functions; and Security Risk and Assurance, which is responsible for security risk management, compliance, and architecture.

Working closely with the Cyber Security Risk and Assurance Managers, Security Architects, and colleagues across the Chief Digital Office, you will help to ensure the confidentiality, integrity, and availability of vital digital systems and releases. This high-impact role offers an exciting opportunity to implement robust cyber security controls which aid in the delivery of services for Social Security Scotland.

As a Senior Information and Cyber Security Officer, you will identify, understand and mitigate cyber-related risks. You will provide risk or service owners with advice to help them make well-informed, risk-based decisions.

  • Independently undertake risk management activities within a given area of practice or expertise, usually within established security and risk management governance structures.
  • Lead the analysis and derivation of business-supporting security needs, undertake Cyber Security related risk assessments, conduct tailored threat assessment and other risk management activities, and ensure activities are consistent with applicable regulations and legislation.
  • Provide tailored advice to a range of stakeholders on how to remedy identified risks by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise.
  • Provide expert security advice that highlights Cyber Security related risks, so risk or service owners can make well-informed and auditable decisions.

Responsibilities

The Senior Information and Cyber Security Officer will help to maintain the desired cyber security posture in line with our risk appetite. They will have experience of developing an Information Security Management system within a fast paced environment.

  • Lead the provision of advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Lead teams responsible for obtaining and acting on vulnerability information and security risk assessments and business impact analysis on complex information systems.
  • Development of information security policies, standards, procedures, and guidelines, including consulting on their development and ensuring ongoing compliance. 
  • Interpret information assurance and security policies and apply these in order to manage risks.
  • Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
  • Use control testing information to support information assurance assessments.
  • Threat Identification and Risk Management.
  • Security Project Design, Procurement and Implementation.
  • Third Party Oversight.
  • Internal and External Security Assessments.
  • Security Awareness Programme.
  • Providing consultancy on projects.
  • Supporting and developing the Information Security Management system.
  • Incident Response.
  • Leading and mentoring a number of security staff.

Success Profiles
We use an assessment framework called ‘Success Profiles’ which lists the elements we test and provides detailed descriptions of each. 

Essential Experience 

  1. In-depth knowledge of Information Security standards such as ISO/IEC 27001 and NIST SP 800-53, with a proven ability to interpret and apply these standards in organisational contexts.
     
  2. Demonstrated experience in providing expert information security advice and leadership in the planning, execution, and management of Information Security projects, ensuring alignment with organisational goals and industry best practices. 

Behaviours 

  • Leadership
  • Communicating and influencing
  • Delivering at pace

Technical / Professional Skills 
This role is aligned to Lead Cyber Security Risk Manager within the Digital, Data and Technology Profession. 

These skills will be tested during the Technical Assessment if you are successful at sift stage. They will not be assessed at application stage.

How to Apply  
Apply online. You must provide a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet the experience and behaviours listed in the Success Profiles above.

In the event that we receive a high volume of applications, we may conduct an initial sift using the CV and Supporting Statement based on the first Experience criteria. Candidates who successfully pass this initial sift will have their applications fully assessed.

Candidates who are successful at sift stage will be invited to attend an Interview and Technical Assessment. The interview will further assess the Experience and Behaviours listed in the job advert and the Technical Assessment will evaluate the Technical Skills relevant to the role. 

Candidates who pass the sift and are invited to the Interview and Technical Assessment stage will receive a Technical Assessment Candidate Pack, which will outline the skills to be assessed and the assessment methods to be used.

Following the application sift, there may be a telephone interview as part of the assessment process before the main interview.

Please note, we aim to provide feedback on request. However, if we receive a large number of applications it may not be possible for us to provide specific feedback on your application. We will provide feedback on request to candidates who attend an interview/assessment. 

Information Session   
We will be hosting an online information session on Tuesday 20th May from 13:30 - 14:30.  The session will be covering:

  • The Senior Information and Cyber Security Officer role and Digital Risk & Security team
  • About Social Security Scotland
  • Our recruitment process
  • Q&A with the hiring manager 

Please join us using the link below.

Expected Timeline (subject to change) 
Sift – w/c 26th May 
Interview – w/c 16th June 
Location – In Person in either Dundee or Glasgow

Reserve List   
In the event that there are more successful candidates than posts available, a reserve list will be kept for up to 12 months.  

About Us  
Social Security Scotland is an Executive Agency of the Scottish Government. Our benefits help people from all walks of life in Scotland. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles. We are committed to recruiting a diverse workforce that is representative of the clients we serve. 

We offer a supportive and inclusive working environment along with a wide range of employee benefits.

As part of the UK Civil Service, we uphold the Civil Service Nationality Rules.    

DDaT Pay Supplement 
This post is part of the Scottish Government Digital, Data and Technology (DDAT) profession and as a member of the profession you will join the professional development system. This post currently attracts a £5,000 annual DDAT pay supplement, applicable after a 3-month competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.

Working Pattern 
Our standard hours are 35 hours per week and we offer a range of flexible working options, depending on the needs of the role. We embrace a hybrid working style where all colleagues will spend time in either our Glasgow or Dundee offices. There is an expectation of a minimum 2 days per week in your assigned location, which will be either Glasgow or Dundee.  If you have specific questions about the role you are applying for, please contact us.  

Equality Statement  
Social Security Scotland are committed to equality and inclusion and we aim to recruit a diverse workforce that reflects the population of our nation.    

Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at recruitment@socialsecurity.gov.scot 


Further Information  
This post requires the successful candidate to clear additional National Security Vetting clearance before a start date can be offered. Further information regarding National Security Vetting clearance can be found here - United Kingdom Security Vetting: Applicant - GOV.UK (www.gov.uk) 

Read our Candidate Guide for further information on our recruitment and application processes.  

The successful candidate will be expected to remain in post for a minimum of 3 years unless successful in gaining promotion to a higher Band or Grade.   
 
Social Security Scotland’s recruitment processes are underpinned by the recruitment principles of the Civil Service Commissioner, which outline that selection for appointment be made on merit on the basis of fair and open competition.

If you feel at any time your application has not been treated in accordance with the values in the Civil Service Code and/or if you feel the recruitment has been conducted in such a way that conflicts with the Civil Service Commissioner’s Recruitment Principles, you can make a complaint, by contacting Social Security Scotland at recruitment@socialsecurity.gov.scot in the first instance. If you are not satisfied with the response you receive you can contact the Civil Service Commissioner.

If you experience any difficulties accessing our website or completing the online application form, please contact the Resourcing Team via recruitment@socialsecurity.gov.scot     
