Technical Security Adviser
Role overview
The role of a Technical Security Adviser is to provide Technical Security advice to identify and mitigate security risks in line with business needs.
Role level
Typical role expectations
- Provide expert advice on Technical Security to the Government Security Profession and wider public and private sectors
- Conduct risk assessments in the local environment, extracting insights to provide an informed opinion on Technical Security risks and the adequacy of controls in place
- Align with relevant regulation, policy and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk
- Monitor the efficiency and effectiveness of the Technical Security processes across the organisation, and make recommendations for continual improvement
- Maintain awareness of current and emerging technologies and their impact on existing security practices
Typical role expectations
- Provide expert advice on Technical Security to the Government Security Profession and wider public and private sectors
- Manage and commission risk assessments in the local environment, extracting insights to provide an informed opinion on Technical Security risks and the adequacy of controls in place
- Create an organisational vision for aligning regulation, policy and standards to provide proportional, practical advice that is tailored to the local environment, and advise on any residual risk
- Create and monitor standards regarding efficiency and effectiveness of the Technical Security processes across the organisation, and make recommendations for continual improvement
- Maintain awareness of current and emerging technologies and their impact on existing security practices
Skills
| Skill | Lead | Principal |
|---|---|---|
| Applied Technical Security | Practitioner | Expert |
| Risk understanding and mitigation | Practitioner | Expert |
| Protective security | Working | Practitioner |
| Threat understanding | Working | Practitioner |
| Legal and regulatory environment and compliance | Working | Working |
Core learning
Lead
Certified ISO27001 Practitioner
UK NACE – Rising Building Security
Internet of Things (IoT) Security Standards for Government
Principal
Certified ISO27001 Practitioner
(ISC)2 Certified Information Systems Security Professional Training (CISSP)
Regulation of Investigatory Powers Act (RIPA) Senior Authorising Officer