At a Glance
- Tasks: Drive security risk management and strengthen compliance frameworks in cyber security.
- Company: Join Social Security Scotland's Digital Risk and Security branch.
- Benefits: Competitive salary, flexible working, and opportunities for professional growth.
- Other info: Dynamic role with opportunities to lead and influence across the organisation.
- Why this job: Make a real impact in cyber security and enhance organisational safety.
- Qualifications: Expertise in governance, risk management, and cyber security standards required.
The predicted salary is between 40000 - 50000 £ per year.
Are you ready to make a real impact in cyber security? We’re looking for an experienced Senior Information and Cyber Security Officer to join our Digital Risk and Security branch at Social Security Scotland. In this key role, you’ll help drive our Security Risk and Assurance programme and strengthen our governance, risk management, and compliance frameworks. You’ll work at the heart of our security function—partnering with the Cyber Security Risk and Assurance Manager and contributing to the ongoing development of our governance, risk, and compliance capabilities across the organisation.
The ideal candidate can:
- Apply deep expertise in governance, risk management, and assurance, using ISO 27001, NIST 800‑53, GDPR and DPA 2018 to strengthen organisational security.
- Identify, analyse, and mitigate cyber risks, giving stakeholders clear, actionable advice that enables well‑informed, auditable decisions.
- Engage and influence stakeholders, lead policy, compliance, and third‑party assurance activities, and drive the maturity of security frameworks and the ISMS.
- Contribute to security projects, build security awareness across the organisation, and support incident response to contain and resolve threats.
The Senior Information and Cyber Security Officer identifies, understands and mitigates cyber‑related risks. They provide risk or service owners with advice to help them make well informed risk‑based decisions. Independently undertake risk management activities within a given area of practice or expertise, usually within established security and risk management governance structures. Lead the analysis and derivation of business‑supporting security needs, undertake Cyber Security related risk assessments, conduct tailored threat assessment and other risk management activities, and ensure activities are consistent with applicable regulations and legislation. Provide tailored advice to a range of stakeholders on how to remedy identified risks by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise. Provide expert security advice that highlights Cyber Security related risks, so that risk or service owners can make well‑informed and auditable decisions.
Senior Information and Cyber Security Officer in Glasgow employer: THE SCOTTISH GOVERNMENT
At Social Security Scotland, we pride ourselves on being an exceptional employer that values the contributions of our team members. Our work culture fosters collaboration and innovation, providing ample opportunities for professional growth in the rapidly evolving field of cyber security. Located in a supportive environment, we offer competitive benefits and a commitment to employee development, ensuring that you can make a meaningful impact while advancing your career.
