Security and Information Risk Advisor in Edinburgh

The base salary for this role is £48,544-£57,155. This job qualifies for Digital, Data and Technology Annual Pay supplement, 20% is included in the total remuneration above.

Pension: 28.97% of base salary (RoS contribution)

Annual leave: 38 days annual holiday, increasing to 42 days with length of service.

Duration: Permanent

Working Pattern: 35 hours per week. We are a flexible employer and will consider a variety of working patterns.

Location: This will be a hybrid role with office attendance as required at either Meadowbank House (Edinburgh) or St Vincent Plaza (Glasgow). It is expected that you would attend the office regularly during your initial training and learning period.

Number of vacancies: One

Grade: SEO

Closing date: 10 February 2026 - 23:59

Registers of Scotland (RoS) is a world-leading pioneer in land and property registration. We hold the answer to the question, "Who owns Scotland?" We are a modern, digital organisation and our success relies on building a diverse team of dedicated, skilled and motivated people.

Inclusion

We welcome applications from all backgrounds and are committed to building a diverse workforce that reflects Scotland. We particularly welcome applications from underrepresented groups in technology and design. Your unique perspective and experience will strengthen our team's ability to create services that work for all our communities.

The role

An experienced Security and Information Risk Advisor (SIRA) is required to play a pivotal role in strengthening and maturing our organisation’s cyber security posture. You will provide expert guidance on the identification, analysis, and treatment of information security risks, and support the continued development, operation, and improvement of our Information Security Management System (ISMS).

This is a key position within Information Security Risk and Assurance. In this role, you will offer technical information security expertise across both established and emerging services, ensuring compliance with Registers of Scotland (RoS) policies, standards, and relevant legislation and frameworks. Working collaboratively with technical and non-technical teams, you will help embed effective security controls, improve security outcomes, and foster awareness of threats and best practice.

You will also contribute to the continual enhancement of our policies, standards, processes, and controls, as well as support organisational reporting and assurance activities across on-premise and cloud environments.

On a typical day you will…

• Formulate strong relationships between the Information Security and Risk function and business teams, both technical and non-technical.
• Promote Information Security and Risk Services offered.
• Conduct technical assurance activities of systems, services, and products.
• Assist stakeholders in understanding and fulfilling their information security roles and responsibilities.
• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Obtain and act on vulnerability information and conduct security risk assessments and business impact analysis on complex information systems.
• Contribute to the development of information security policy, standards, and guidelines.
• Interpret information assurance and security policies and apply these in order to manage risks.
• Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards, and guidelines.
• Use control testing information to support information assurance assessments.
• Collection and dissemination of relevant information and risk management information.
• Deliver sessions and workshops for the scoping, identification, and analysis of security risks to the confidentiality, integrity, and availability of information assets, and propose appropriate controls and actions for risk remediation.
• Observe instances of Non-Conformance, providing details of findings and the motivation for the issue.
• Undertake internal audit/assurance activities to observe and evaluate ISMS processes and Security Controls and provide internal stakeholders with reports that outline findings and areas for improvement of compliance.
• Deliver Supply Chain risk assessment and assurance activities for identified suppliers and 3rd parties that have access to RoS information.

This job is for you if you want…

• Work with purpose: we strive to provide the best public service and set the bar for land and property registration worldwide.
• Flexible and hybrid working: work when and where it’s best for you and your stakeholders, depending on the role and team requirements.
• Benefits: enjoy pay progression, pension contributions of up to 28.97%, up to a year’s parental leave, and 38 days annual holiday, increasing to 42 days with length of service.
• Investment in professional development: we invest in all our people so that they have the right skills to be productive and confident in their job.
• Diversity and Inclusion: We are an ‘Investor in People’ and a ‘Disability Confident’ employer. We are inclusive, stronger together, and committed to putting our people first.
• Positive work culture: RoS is an agile, digital organisation using leading-edge technology. Colleagues understand their role in achieving our strategy and have the autonomy to deliver.

To learn more about RoS and the benefits we offer visit our careers pages or watch this short video. Hear directly from our colleagues about their experience of working within our Digital, Data and Technology teams on our website.

Click 'Apply' to view our full advert and application process.