Security Business Partner
Role summary
Act as the focal point and make decisions for security and information management queries, collating and communicating necessary policies, procedures and threat information.
Develop and implement strategic security, information, data protection and business continuity interventions to address any non-compliance, raise capability and improve the development of a security culture within an organisation.
Provide security expertise, advice and challenge.
Typical role level expectations
Act as the focal point for security and information management queries, collating and communicating necessary policies, procedures and threat information.
Ensure and monitor compliance with local security operations, policy and procedures.
Undertake risk-based bespoke assurance work.
Support the provision of security advice to an assigned government organisation, including addressing and mitigating security risks/issues and supporting the maintenance of a security culture.
Manage the development and maintenance of organisational policies and products to drive continuous improvement.
Manage risk assessment outcomes for stakeholders to support effective security, risk management and decision-making, and advise on their approach to risk assessment.
Support and improve the appropriate protective security within the organisation to encourage an effective risk-based approach to security across the estate, taking into account political, economic, social, technological, legal and environmental considerations.
Deliver continuous improvement within wider government and across national and international standards, enforce sanctions and encourage the sharing of best practice.
Advise on movement, storage, access, retention and disposal of information.
Provide support to Business Impact Assessments, Data Protection Impact Assessments, Information Security Risk Tool assessments, security risk assessments and impacting and new contract assurance.
Typical role level expectations
Provide expert advice, assistance and challenge on complex security and information management requirements within the department and across government.
Promote and manage the development and maintenance of organisational policies, products, methodologies and risk management processes to drive continuous improvement.
Manage the establishment of an appropriate protective security organisational approach to ensure an effective risk-based approach to security across the estate, taking into account political, economic, social, technological, legal and environmental considerations.
Review quantitative and qualitative data to support the creation of evidence-based policy, evaluating and presenting evidence via appropriate channels.
Coordinate business continuity planning within business areas, providing oversight, expert advice and assurance to those developing business continuity plans.
Advise on, challenge and monitor compliance with GDPR.
Provide expert advice on the storage, access, retention and disposal of information.
Deliver security governance, including assuring complex Business Impact Assessments, Data Protection Impact Assessments, Information Security Risk Tool assessments, security risk assessments and impacting and new contract assurance.
Promote security-conscious behaviours and good security risk management practices within the Government Security Profession, the security culture and wider government.
Assessment, monitoring and analysis of security incidents.
Typical role level expectations
Coordinate and provide advice on security and information management requirements and service requests for government organisations.
Provide security advice and challenge to one or more assigned directorates, including to address and mitigate security risks and issues, and establish and maintain a security culture.
Contribute to the writing, development and maintenance of organisational policies, products and methodologies to drive continuous improvement.
Communicate and escalate risk assessment outcomes to leaders within government in ways that support effective security strategy, risk management and decision-making, and advise leaders on their approach to risk assessment in the context of their organisational outcomes.
Engage with complex risk management processes across an organisation, reviewing their efficiency and effectiveness, leading recommendations for continuous improvement.
Influence the establishment of an appropriate protective security organisational posture and encourage an effective risk-based approach to security across the estate.
Engage with the development of mechanisms to drive continuous improvement within departments/wider government and across national and international standards, and encourage the sharing of best practice.
Shape strategic direction based on quantitative and qualitative data to support the creation of evidence-based policy.
Oversight, strategic direction and provision of advice for the movement, storage, access, retention and disposal of information.
Advise and support senior management and act to improve data protection culture in own business area.
Champion the development of a security culture within an organisation and customer group.
Actively engage with and promote the development and delivery of security education and awareness programmes and initiatives across own business areas and the Government Security Profession.
Skills
Skill | Associate | Lead | Principal |
---|---|---|---|
Applied Personnel Security | Awareness | Working | Working |
Applied Physical Security | Awareness | Working | Working |
Applied Research | Awareness | Working | Awareness |
Applied Security Capability | Awareness | Awareness | Awareness |
Applied Technical Security | Awareness | Awareness | Awareness |
Business Continuity Management | Working | Practitioner | Expert |
Incident Management, Incident Investigation and Response | Awareness | Working | Practitioner |
Information Risk Assessment and Risk Management | Awareness | Working | Practitioner |
Legal and Regulatory Environment and Compliance | Working | Practitioner | Expert |
Protective Security | Working | Practitioner | Expert |
Risk Understanding and Mitigation | Working | Practitioner | Expert |
Secure Operations Management | Awareness | Working | Practitioner |
Secure Supply Chain Management | Awareness | Working | Practitioner |
Threat Understanding | Awareness | Working | Practitioner |
Core learning
Associate
NPSA – Foundation Course
ISO/IEC 27001 Foundation
Lead
NPSA – Foundation Course
MGT512: Security Leadership Essentials for Managers
Risk management for non-risk professionals
Principal
NPSA – Foundation Course
MGT512: Security Leadership Essentials for Managers
Certified ISO27001 Practitioner