Technical Security Adviser
Role summary
The role of a Technical Security Adviser is to provide Technical Security advice to identify and mitigate security risks in line with business needs.
Entry route
Internal
Suitable for an individual from the Government Security Profession or other relevant profession – for example, Science and Engineering Profession.
External
Suitable for an individual who has worked as a Technical Security consultant in industry.
Typical role expectations
- Provide expert advice on Technical Security to the Government Security Profession and wider public and private sectors
- Conduct risk assessments in the local environment, extracting insights to provide an informed opinion on Technical Security risks and the adequacy of controls in place
- Align with relevant regulation, policy and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk
- Monitor the efficiency and effectiveness of the Technical Security processes across the organisation, and make recommendations for continual improvement
- Maintain awareness of current and emerging technologies and their impact on existing security practices
Typical role expectations
- Provide expert advice on Technical Security to the Government Security Profession and wider public and private sectors
- Manage and commission risk assessments in the local environment, extracting insights to provide an informed opinion on Technical Security risks and the adequacy of controls in place
- Create an organisational vision for aligning regulation, policy and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk
- Create and monitor standards regarding efficiency and effectiveness of the Technical Security processes across the organisation, and make recommendations for continual improvement
- Maintain awareness of current and emerging technologies and their impact on existing security practices
Skills
| Skill | Lead | Principal |
|---|---|---|
| Applied Technical Security | Practitioner | Expert |
| Risk understanding and mitigation | Practitioner | Expert |
| Protective security | Working | Practitioner |
| Threat understanding | Working | Practitioner |
| Legal and regulatory environment and compliance | Working | Working |
Core learning
Lead
TSCM-ARBS: TSCM Advanced Rising Building Security
ISO/IEC 27001 Foundation
IoT (Internet of things) security standards for Government
Principal
Certified ISO 27001 Practitioner
(ISC)2 Certified Information Systems Security Professional Training (CISSP)
Regulation of Investigatory Powers Act (RIPA) Senior Authorising Officer