Senior Security Adviser

Previously Corporate Enabler – Security Adviser.

Role summary

The Senior Security Adviser is responsible for all security advice, policies, processes and services to keep the organisation secure in line with central government standards. This includes overseeing the system for assessing risk to government against known threats and vulnerabilities, methodologies, preventive measures and security standards to inform action at organisational and individual level.

It also includes the provision of expert advice to individuals, managers, business areas and government as a whole on physical, personnel, information, technical and personal security topics. Ensuring security services deliver their required outcomes, that action is taken to mitigate the most significant risks to the organisation, premises and personnel, including risks to high profile individuals and advises the executive level on overall security performance and compliance.

Role expectations

Typical role level expectations may include the following:

• Lead development and maintenance of organisational policies, products and methodologies to drive continuous improvement and appropriate security culture in the organisation as well as cultivating and maintaining strong relationships with partners in security provision.
• Co-ordinate security requirements and service requests for a large or high-complexity government organisation, acting as an intelligent customer to the respective Cluster Security Unit/Centre of Excellence and offering a strategic picture
• Provide security advice to one or more assigned government organisations, including to address and mitigate security risks and issues, and establish, maintain and promote a positive security culture, including business continuity management system, threat and horizon scanning, exercising and preparedness.
• Lead a network of security partners across government, national technical authorities and within industry, with a goal to share best practice
• Actively lead engagement, on behalf of multiple government organisations, with the Cluster Security Unit/Centre of Excellence to ensure security consistency and maintain security and risk standards across government
• Analysing security trends and solutions for implications for government business
• Risk assessing sites, events or business operations
• Briefing and debriefing staff, including security education and awareness
• Investigating and managing security incidents

Skills

Core learning

• ISO/IEC 27001 Lead Auditor
• Certified ISO 27001 Practitioner
• Certified ISO/IEC 27001 Lead Implementer
• Cyber Assessment Framework
• Action Counters Terrorism (ACT) Elearning
• CPNI STaMP (Surreptitious Threat Mitigation Process
• Management of Risk Practitioner
• Embedding Risk Management
• Cyber Security – An Introduction
• Advanced Social Engineering
• CISSP – Certified Information Systems Security Professional\Foundation Certificate in Cyber Security
• BCI’s Incident Response and Crisis Management
• PM Project Management Qualification (PMQ)
• BCI’s Good Practice Guidelines
• The Business Continuity Foundation Course
• ISO 28000 Lead implementer
• Supplier Management (inc exam
• IACCM Fundamentals of Contract and Commercial Management
• Compliance and the Management of Compliance risk
• Certified Data Protection Practitioner (GDPR
• Workplace Investigations and Interviewing
• Managing in Crisis
• Certified Protection Professional
• BCS Certificate in Information Security Management principles
• CRISC – Certified in Risk Information Systems Control
• Working at SECRET with Rosa
• Introduction to Protective Security in Government