Accept Cookies? YES
This website uses cookies to store non-personal data in order to function properly.
Privacy laws effective from May 2012 mean that you need to confirm your consent
for us to store a cookie. You can find out more about cookies here.

Search Jobs

Latest News

Event: Back to work.... after time out?

Eduserv, a not for profit IT services provider based in Bath, are hosting a FREE event in collaboration with Women In Technology to support women back to work following maternity leave or a period ..

Read more

Mother IT Saga

When it comes to work and careers, women are the same as men… Almost. 1)      Are we Ambitious? We want to reach the top don’t we Theresa, Angela and Hilla..

Read more

Exercise and the Pub: The Secret to Equality in the Workplace

Some new ideas are helping IT company MirrorSphere buck the trend when it comes to female representation in the technology industry. The Oxfordshire-based business boasts a female directo..

Read more

Inspiring Women in Tech – Alex Depledge

At Baltic, we are passionate about getting Girls into IT. So much so, we invited some of our country’s truly inspiring leading ladies to answer a few of our questions and give an insight into..

Read more

Ladies & Gentlemen of the Board

Infographic                                 ..

Read more

Technology in the Workplace

In today’s modern world, technology is constantly involved in our daily lives, from the moment our cellphone wake us up through a previously set up alarm, until we fall asleep on a meticulous..

Read more

University of Edinburgh Information Services Group

Reference  
038436
Location  
Type  
Permanent
Salary  
£32,004 - £38,183 (plus package)
Salary Frequency  
Annum

Job Description:

Do you have the knowledge and skills to prevent an information security breach? The University of Edinburgh Information Services Group is currently seeking a full-time Information Security Consultant to help identify and implement appropriate controls under our recently appointed Chief Information Security Officer.

As information security risk management becomes a greater factor in how our university regulates a broad range of information that we need to use, access, or create on a daily basis, the successful candidate will act as an advocate for best practice in this critical area of control.

This is an exciting opportunity to join our Chief Information Security Officer in helping to develop, shape, and progress plans to enhance the overall security risk profile of the university. Working across all areas of the university, you will provide specialist information security advice, guidance, and user awareness training services.

This post is offered on a full-time (35 hours per week), open-ended basis.

 

Main Responsibilities:

  • In collaboration with CISO and other members of the Information Security team, pro-actively contribute to the evaluation, development and implementation of a relevant information security risk governance framework. (Approx 10% of time)
  • Working with relevant stakeholders, both internally and externally, provide technical and specialist consultancy to support the delivery of a wide range of highly complex information security solutions including secure applications, infrastructure security and operational security controls and processes. (Approx 20% of time)
  • Conduct information security risk assessments on a University-wide basis and participate in the development of risk mitigation programmes to achieve desired risk appetite levels. (Approx 10% of time)
  • Support development of training and awareness materials such as bespoke information security training sessions and regular communications to promote best practice across the University. (Approx 20% of time)
  • Pro-actively support the delivery of information security improvement projects and annual plans, identifying areas for continuous improvement. (Approx 20% of time)
  • Monitor the regulatory and industry landscape to ensure that key requirements and applicable threats are understood, assessed and, if required, addressed. (Approx 10% of time)
  • Develop best practice in relation to information security risk management and control, influencing colleagues at all levels across the business to help them understand and meet their obligations. (Approx 10% of time)

 

Required Knowledge, Skills and Experience:

Qualifications/Training

Essential

The post holder must be SC cleared, or agree to become SC cleared as a condition of employment.

Desirable

  • Recognised information security qualification (CISSP, CSIM, CRISC etc)
  • Certified ethical hacker.
  • ISO 27001 Lead Implementer.
  • Relevant post-graduate qualification.

Experience

Essential

  • Extensive experience of managing stakeholders across a multi-site, multi-disciplinary environment.
  • Proven experience with technical information security solutions to include infrastructure security, information security operations, application security, PCIDSS, physical security, security threat intelligence/analytics, encryption.

Desirable

  • Proven track record of operating as a member of an Information Security Service and helping to develop, maintain, implement and enforce Information Security Policy across an institution including an awareness of risk and the threats to information, computers and networks.
  • Development and delivery of information security awareness campaign.
  • Implementation of formal accreditation to recognised information security standard.
  • Proven experience of working with a recognized ISMS framework (ISO 27001, ISF SOGP, NIST etc).

Knowledge, Skills and Competencies

Essential 

  • Broad knowledge of information security solutions, both technical and procedural.
  • Exceptional communication skills – ability to communicate effectively with stakeholders who have varying degrees of technical understanding, have time restrictions and are focused on their own operational delivery. Must therefore be able to translate complex / technical issues to meet the stakeholder expectations.

Personal Attributes

Essential

  • Well organied and able to prioritize workload in line with tight deadlines and work effectively under pressure.
  • Highly numerate, with excellent analytical and problem solving skills and attention to detail.
  • Excellent team player with ability to work closely with others to deliver results.
  • Strong relationship management skills.
  • Flexible approach to changing priorities.
  • Ability to operate with in a secure environment against strict information security policies

Desirable

  • Enthusiastic about the information security profession and driven to continue learning and developing new skills.

 

Company Decription:

The University of Edinburgh Information Services Group is one of Scotland's largest IT employers, specializing in a wide variety of IT solutions. We provide first-rate library and IT services to the University of Edinburgh, a world leader in teaching, research and innovation.

We are committed to outstanding service delivery and continuous improvement, and believe in effective team building and communication. Often lauded for our forward looking approach, we pride ourselves on setting and maintaining high standards in line with the University’s international reputation across all areas of IT service.

We offer a range of student internships, graduate jobs, and directorships, with plenty of opportunities for international collaboration. Members of our extensive team enjoy excellent benefits such as:

  • An average of 35 days of annual leave
  • Staff discounts
  • Use of the university's topnotch sports facilities
  • An excellent pension
  • Various other family-friendly schemes

To learn more about the types of library and IT services we offer, please visit our website at http://www.ed.ac.uk/information-services. For up to date information on the latest IT news out of Scotland, don't forget to check out the IS news feed at http://www.ed.ac.uk/information-services/about/news.