23157 - HMPPS Information Security Manager

£38,196 - £45,836
6
12 Months
London
Westminster
102 PETTY FRANCE (MOJ) LONDON, SW1H 9AJ
SEO
Band 7
Permanent
Full Time
Business Management & Improvement, Information Technology, Knowledge & Information Management, Policy

The role supports the HMPPS Senior Information Risk Owner (Director level), reporting directly or via the Information Security team line management.

On occasions the job holder will need to interact with the CEO’s office plus other senior leaders across the MOJ, Cabinet Office and senior leaders in contracted third party suppliers.

The job holder will be responsible for all areas of Information Security, Data Protection, Records Management, Data Incident Management.

The post holder will also undertake Information related security projects on behalf of the directorate.

The post holder will be deployed on a flexible basis to take responsibility for delivering HMPPS objectives in the fields of information policy, assurance and security.


Overview of the job


The role supports the HMPPS Senior Information Risk Owner (Director level), reporting directly or via the Information Security team line management.


On occasions the job holder will need to interact with the CEO’s office plus other senior leaders across the MOJ, Cabinet Office and senior leaders in contracted third party suppliers.


The job holder will be responsible for all areas of Information Security, Data Protection, Records Management, Data Incident Management.


The post holder will also undertake Information related security projects on behalf of the directorate.


The post holder will be deployed on a flexible basis to take responsibility for delivering HMPPS objectives in the fields of information policy, assurance and security.


Summary


The role is busy and demanding, requiring some work out of hours as on-call on a rota basis.


The post holder will require strong influencing and relationship management skills, with a good knowledge of the business of the whole of HMPPS and its contracted partners, specifically in how the business uses data, all classes of data are included, personal, business etc.


The post holder will manage, record all reported data incidents for HMPPs contracted third party suppliers and are responsible for covering a 24 hour incident reporting line that is used across HMPPS and MOJ agencies and arm length bodies, ensuring HMPPS complies with relevant legislation, provide on and off-site training in all aspects of Information Management and Security. The team are policy owners for a set of Information Security, IT Security and Records Management policies.


The post holder will be required to maintain a good working relationship with all directorates within the organisation, Prisons, NPS, CRCs and all other contracted third-party providers.


Reports directly to the HMPPS Senior Information Risk Owner, or via the deputy head of the information security team.


The post has no line management responsibilities.


They will be expected to work closely with the business, generally reporting via their manager to Director or Deputy Director chaired boards and being required to demonstrate they have consulted and tested their proposals with senior operational managers.


Responsibilities, Activities & Duties


The job holder will be required to carry out the following responsibilities, activities and duties:


Liaise directly with Directors, Deputy Directors, Prisons Governors, Senior business leaders across NPS and Senior leaders for third-party suppliers.


Policy


To help develop and maintain the HMPPS information security policies, accompanying standards, procedures and guidance.


Compliance


To develop and deliver a programme of planned compliance reviews across HMPPS, NPS and contracted third party suppliers and ensure any gaps are addressed, reporting findings to the Information security team managers, and SIRO.


Ensure that all sites receive the annual compliance template, and that they return it completed within the set timescales. Once returned compile the information and analyse the information returned to identify training needs and compliance/noncompliance of sites and produce a report for the SIRO.


SIRO Support


Report when required directly to the SIRO (Director level) on priority matters, specifically data incidents that could cause organisational reputational damage, Risk to individuals or Groups, and possible Financial loss due to Information Commissioner’s involvement.


Training


To promote security awareness by further developing and implementing the annual security awareness training, and continue to improve on our existing training packages.


Communications


Communicate regularly with HMPPS communications team to ensure


Communications are developed and issued appropriately to HMPPS and the wider stakeholder group.


Incident Management


Be responsible for covering on a rota basis the 24 hour data incident reporting and enquiry line, the line covers, HMPPs LAA, OPG, MOJ, LAA, CICA, HMCTS, Liberata, SSCL, Captia etc. Offering help and advice to those who call in on the incident line. As well as evaluating all incoming incidents and assign appropriate level of severity marking to each one.


Risk Management


Take charge of ensuring that the HMPPS Information Risk register is kept current and that appropriate controls/treatments are in place and that the register is fed into the Director (SIRO).


Stakeholder Engagement


Continuous stakeholder identification and mapping is required, both internal and external.


Technology


Coordination of the Risk Management Accreditation Set (RMADS) or assurance documents for third party suppliers who wish to introduce new or revised technology into HMPPS sites.


FOI & PQS


Responsible for management, quality and timeliness of briefings, FOI, PQS ensuring compliance with regulatory timescales.


The duties/responsibilities listed above describe the post as it is at present and is not intended to be exhaustive. The job holder is expected to accept reasonable alterations and additional tasks of a similar level that may be necessary. Significant adjustments may require re-examination under the Job Evaluation Scheme and shall be discussed in the first instance with the job holder.


Competencies  


For the purpose of selection the following competencies will be measured:


Setting Direction


  • Making Effective Decisions

Delivering Results  


  • Managing a Quality Service
  • Delivering at Pace

Engaging People


  • Leading and Communicating

HMPPS Specific Skills and Behaviours


  • Showing Drive and Resilience


Essential Skills, Qualifications, Accreditation & Registration  


  • The candidate must have excellent analytical and drafting skills.
  • An understanding of the Data Protection Act 2018/GDPR 2016.
  • An elevated level of organisational knowledge and operational understanding of HMPPS, contracted third-party service providers, and the Prison and Probation estate is required.
  • The ability to understand, interpret and summarise complex information is required.
  • The ability to interact with and influence senior staff within HMPPS such as Directors, Deputy Directors, Prison Group Directors and stakeholders is required.
  • The ability to represent the Director and Directorate in meetings and Programme/Project Boards.

Training to a professional level will be provided, in subjects relating to IT Security, IT accreditation and assurance, Data Protection Act 2018, GDPR (regulations 2016), ISO27001 Information Management, Records Management.


The job holder must be able to fulfil all spoken aspects of the role with confidence in English or (when specified in Wales) Welsh.
Excess Fares

Working Arrangements & Further Information

Some of MoJ’s, including NOMS, terms and conditions of service are changing as part of Civil Service reform. The changes will apply to staff joining MoJ who are new to the Civil Service. Staff joining MoJ from other civil service employers will transfer onto the new MoJ terms if they are already on 'modernised' terms in their current post or onto 'unmodernised' MoJ terms if they are on 'unmodernised' terms at their current post. Details will be available if an offer is made.

Standard working hours for this post are 37 hours per week excluding breaks which are unpaid.

If you are a current NPS employee, this vacancy may be available on a Loan basis for up to 2 years. Applications are invited from suitable qualified staff.

The Loan/Secondment is subject to the approval of the selected candidate's Business Unit, which should be obtained before confirmation of appointment.

Benefits

Annual Leave

-The holiday year runs from 1 March. If you work a non standard work pattern your leave entitlement may be expressed in either hours or days as appropriate. Leave entitlement is calculated on a pro-rata basis and you will be advised of your actual entitlement on appointment. If you were appointed internally and your leave was previously calculated in days, this will continue to be the case.

Bank, Public and Privilege Holidays

-You are entitled to 9 days (66 hours 36 minutes) in recognition of bank, public and privilege holidays. These hours are added to your annual leave allowance. There is a requirement to work some public and bank holidays subject to your shift pattern and the operational needs of the establishment

Pension

-The Civil Service offers a choice of two pension schemes, giving you the flexibility to choose the pension that suits you best.

Work Life Balance

-The Prison Service is keen to encourage alternative working arrangements. Work life balance provides greater opportunities for staff to work more flexibly wherever managers and establishments can accommodate requests to do so. The Prison Service offers flexible working subject to completion of a satisfactory probationary period and NVQ

Season Ticket Advance

-After two months’ service, you’ll be eligible to apply for a season ticket advance to purchase a quarterly or longer-period season ticket for travel between home and your place of work

Childcare Vouchers

-The Prison Service offers a childcare vouchers scheme. The scheme enables staff to take part of their salary in the form of Childcare Vouchers. This is known as a Salary Sacrifice. The vouchers can then be used to help meet the costs of any form of registered or approved childcare for children aged 0-16. The vouchers are exempt from tax and National Insurance contributions

Training

-The Prison Service is committed to staff development and offers a range of training and development opportunities, including areas such as Equality and Diversity, Dealing with Challenging Behaviour, Suicide Prevention and Anti Bullying Programmes

-There are opportunities to access promotion programmes and the Prison Service provide a variety of training appropriate to individual posts

-All staff receive security and diversity training and an individual induction programme into their new roles

Eligibility

-All candidates are subject to security and identity checks prior to taking up post

-All external candidates are subject to 6 months probation. Internal candidates are subject to probation if they have not already served a probationary period within NOMS

-All staff are required to declare whether they are a member of a group or organisation which the Prison Service considers to be racist

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.

The Civil Service embraces diversity and promotes equality of opportunity.

There is a guaranteed interview scheme (GIS) for candidates with disabilities who meet the minimum selection criteria.

Expected to take place:
Monday 14th January
Tuesday 15th January
Thursday 17th January
Friday 18th January

04/01/2019, 23:55 hours.

Closing Date: 4th January 2019 at 23:55

If you require any assistance please call 0845 241 5358 (Monday to Friday 8am - 6pm) or e mail Moj-recruitment-vetting-enquiries@sscl.gse.gov.uk. Please quote the job reference 23157.

Enquires specific to the riole please email steve.blunn@justice.gov.uk

Please note the successful applicant will need to undertake a Disclosure and Barring Security Check for this post.

Candidate Information

You may be required to provide statements describing your skills and experience relevant to each of the selection criteria. We recommend that you structure any examples as Situation, Task, Action and Result. For more information about the recruitment process and answers to general queries, please click the below link which will direct you to our Candidate Information Page.

Link: https://justicejobs.tal.net/vx/candidate/cms/About%20the%20MOJ

In the event of a large number of applications, we reserve the right to undertake the following processes:


  • An automated online test where a benchmark must be passed to progress;
  • A sift on the lead selection criteria. If this happens, the lead criteria will be the first one listed in the advert.

During the selection process, you may be asked to undertake an additional assessment (such as written test). If this is applicable you will be notified of this when you are invited to interview.



if you feel that your application has not been treated in line with the Civil Service Recruitment Principles, please contact SSCL (Moj-recruitment-vetting-enquiries@gov.sscl.com) in the first instance
Making Effective Decisions
Managing a Quality Service
Delivering at Pace
Leading and Communicating
Showing Drive and Resilience

Effectiveness in this area is about being consistently motivated, committed and able to perform duties in all situations. People who are effective maintain a personal conviction when faced with resistance. Those who work in establishment must retain a professional approach when confronted by aggression and strong emotion from prisoners. At senior levels, it is about remaining focussed on achieving objectives in the face of resistance, organisational constraints or unforeseen problems.

We have provided detail of the assessment stages and areas being assessed to help you prepare for completing your application form, and to advise of what will be assessed following this, if you successfully pass the application stage.


Application form stage assessments

Interview stage assessments

There is 1 interview stage for this vacancy.

A Great Place to Work for Veterans

The "Making the Civil Service a Great Place to work for veterans" initiative includes a guaranteed interview scheme to those who meet the minimum criteria to provide eligible former members of the Armed Forces with opportunities to secure rewarding jobs. Allowing veterans to continue to serve their country, and to bring highly skilled individuals with a broad range of experience into the Civil Service in an environment, which recognises and values your previous service in the Armed Forces.
For further details about the initiative and eligibility requirements visit : https://www.gov.uk/government/news/making-the-civil-service-a-great-place-to-work-for-veterans

Redeployment Interview Scheme

Civil Service departments are expected to explore redeployment opportunities before making an individual redundant. The MoJ are committed, as part of the Redeployment Interview Scheme, to providing opportunities to those who are 'at risk of redundancy'.

MoJ are able to offer an interview to eligible candidates who meet the minimum selection criteria, except in a limited number of campaigns. Candidate's will not be eligible for the Redeployment Interview Scheme if they are applying on promotion.

This job is broadly open to the following groups:

· UK nationals

· nationals of the Republic of Ireland

· nationals of Commonwealth countries who have the right to work in the UK

· nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) https://www.gov.uk/settled-status-eu-citizens-families

· nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)

· individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020

· Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window) https://www.gov.uk/government/publications/nationality-rules

This Vacancy is closed to applications.