Security Risk Analyst

Job summary

Are you a developing Risk Analyst seeking an opportunity to work in a thriving and growing team?

If yes, we want you to join us at DWP Digital.

This is a key role to compliment the wider work being delivered within the Digital Security Risk Management (DSRM) team, with risk driving security, enabling a clear, practical, and realistic view of Cyber Security Risk information.

As a Security Risk Analyst, you will work within the Digital Group to help deliver 1st line risk identification, assessment, remediation and treatment of risks. You will identify controls and make recommendations to address security vulnerabilities and control weaknesses in project and ad hoc engagements.

Please note this role requires you to pass�clearance. For further information, please see 'Selection process details'.

Job description

The Security Risk Analyst will support, help shape, and deliver innovative ways of working to support how cyber security risk assessments are conducted within DWP.

The role will improve engagement with the risk function, collaborating with delivery teams and providing advice on how best to engage.� �

As a Security Risk Analyst, you will work towards developing a good understanding of the security tools and techniques used by DWP and to be able to contribute to core security deliverables.

You will be given appropriate responsibility and under the guidance of Cyber Security Risk Managers help build and maintain core services across digital security (including involvement and facilitation of Cyber Security Testing and Security Operations Centre Use Case process).

Summary of responsibilities include:�

Support risk management processes, issues, and dependencies (external and internal) for DSRM deliverables. Establish collaborative working across organisational boundaries, ensuring quality work is delivered at pace. Support the team lead in managing complex control and risk issues to help the wider team navigate a complex environment. Be involved with change and governance on behalf of the wider team in association with influencing security standards and governance boards, considering findings from across the wider cyber security teams. Communicate across a wide range of internal and external stakeholders, tailoring messages to ensure that it is right for the audience.

NB- it would be useful to have, or be prepared to work towards, a BCS Certificate in Information Security Management Principles (CISMP), or equivalent qualification, knowledge, or experience of physical, technical and environmental security controls, information security management, information risk, people controls, software development/ lifecycle, disaster recovery, investigation forensics and cryptography.

Person specification

When giving details in your employment history and personal statement you should highlight your experience in line with essential criteria below:

Undertakes basic risk assessments with supervision and direction. Supports some complex risk analysis as part of a team. Understand the strategic drivers being delivered by Digital Security Risk Management (DSRM) ensuring new requests and asks are pitched at the appropriate level. Remain alert to emerging issues and trends which might impact your work area. Seek out and share experiences to develop knowledge of the team�s business area. Work with others to identify areas for improvement and simplify processes to use fewer resources. Encourage ideas for change from a wide range of sources. Understand own level of responsibility and empower others to make decisions where appropriate. Analyse and use a range of relevant, credible information from internal and external sources to support decisions.�

Benefits

Alongside your salary, the Department for Work and Pensions contributes towards you being a member of the Civil Service Defined Benefit Pension scheme.�

We also have a broad benefits package built around your work-life balance which includes:

Working patterns to support work/life balance such as job sharing, term-time working, flexi-time and compressed hours. Generous annual leave � at least 23 days on entry, increasing up to 30 days over time (pro�rata for part time employees), plus 9 days public and privilege leave. Support for financial wellbeing, including interest-free season ticket loans for travel, a cycle to work scheme and an employee discount scheme. Health and wellbeing support including our Employee Assistance Programme for specialist advice and counselling and the opportunity to join a first-class programme of competitions, activities and benefits for its members (subscription payable monthly). Family friendly policies including enhanced maternity and shared parental leave pay after 1 year�s continuous service. Funded learning and development to support progress in your role and career. This includes industry recognised qualifications and accreditations, coaching, mentoring and talent development programmes. An inclusive and diverse environment with opportunities to join professional and interpersonal networks including Women�s Network, National Race Network, National Disability Network (THRIVE) and many more.

This job role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home. This is a voluntary, non-contractual arrangement and your office will be your contractual place of work. The number of days that anyone will be able to work at home will be determined primarily by business need but personal circumstances and other relevant circumstances will also be taken into account. If you are successful, any opportunities for hybrid working, including whether a hybrid working arrangement is suitable for you, will be discussed with you prior to you taking up your post.�

Salary Information

New entrants to the Civil Service will join on the band minimum.�

Existing Civil Servants who secure a new role on lateral transfer should maintain their current salary.��

Existing Civil Servants who gain promotion may move to the bottom of the grade pay scale or 10% increase in salary whichever would be the greater.�