Company: Police Digital Services
Location: London
Closing Date: 25/11/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description
Join Police Digital Service as a Cyber Compliance Specialist - starting salary £70.000
We are looking for a highly experienced and motivated individual to join us as a Cyber Compliance Specialist. You will be a key member of the Police Digital Service (PDS) Cyber Security Team, providing risk and compliance advisory across Policing.
About Police Digital Service
To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that will enable them to adapt to and deal with the complexity of modern criminality.
Key Responsibilities
The Cyber Compliance Specialist is responsible for monitoring compliance against national policing policy, standards, and security blueprints. It will offer an exciting opportunity to be involved in collaborative working with police data communities, key stakeholders, partners and suppliers. In particular, the duties of the role involve:
Advise and guide users on effective cyber risk management and compliance
Identify cyber risks and advise on appropriate controls and mitigations, ensuring these are articulated in terms meaningful to the business
Support the resolution of major compliance and risk issues and advise on cyber risk management decisions and remedial actions
Advise where risks should not be tolerated and provide a point of escalation, using professional judgement and factoring in risk appetite
Review, assess and assure cyber security documentation
Advise on cyber risk management matters relating to the supply chain and managed service providers
Contribute to the continuous improvement of agreed Cyber processes, policies and standards and advise on ongoing compliance
Monitor technological, social and scientific trends that could influence PDS CS risk and compliance planning and management
Contribute to the PDS Cyber Services Risk and Compliance monitoring plan
Work with the Cyber Policies and Standards team to contribute to information security policies and standards
Collaborate on the requirements, design, development and implementation of automated solutions
Provide direction, oversight and guidance to security risk and compliance subcontractors
Deliver the Police Assured Secure Facilities service and provide metrics to inform compliance and risk reporting
Essential Experience
Proven IT/Information security and risk experience in large organisations with complex security and compliance requirements
Experience of conducting risk reviews in one or more of the following cloud service provider environments: Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP)
Experience in defining and/or implementing security controls across multiple layers of the IT architecture stack
Strong knowledge and ability to demonstrate the use of the NIST Cyber Security Framework, mapping and translating NIST Cyber Security Controls to other frameworks such as ISO27001 and CIS Top 20 controls, including understanding of the Azure Cloud Adoption Framework
Demonstrate a track record of developing strong working relationships with a wide number of stakeholders, particularly in managing expectations across a large number of disparate customer, supplier and stakeholder groups
Experience delivering risk and issue remediation in large complex organisations
Relevant knowledge and experience in one or more of the following areas: cloud security (security controls, assessments, privacy and regulatory risks, security frameworks), Security Operations, Infrastructure Security, Application Security and DevSecOps
Good ability to undertake qualitative and quantitative risk analysis in support of business decision making and information risk management
Excellent understanding of both procedural & technical compliance monitoring capabilities
Knowledge of supplier assurance frameworks and solutions
Demonstrable knowledge of the latest IT thinking and risk modelling methods together with a proven ability to implement and incorporate such solutions into systems and services
Ability to develop, with the aid of subject matter experts where appropriate, and implement appropriate risk mitigation actions for identified risks across the organisation.
The ability to produce clear, persuasive written and verbal communications which engage and influence colleagues and external stakeholders at a range of levels
Good understanding of privacy requirements (including GDPR and DPA 2018)
Strong engagement focus and proactive style that motivates, builds trust and inspires colleagues and other delivery partners to engage with PDS productively
All applicants must be eligible for NPPV3 and SC clearances. Successful applicants will require NPPV3 clearance to have been approved before starting with PDS.
Why Join us?
Balance is important and we want you to take time off to recharge - we offer 28 days' annual leave plus bank holidays, rising to 30 days after 5 years of service. Holiday purchase is also available
Flexible working hours - We trust you to do your job and we appreciate that life doesn't always fit around a 9 to 5 workday. We operate core hours of 10 to 4, Monday to Friday (37hr week)
We care about your well-being - we have an EAP that offers not just welfare benefits but also retail discounts
Plan for the future - we offer an excellent pension scheme and life assurance cover
Put your mind at rest regarding your health - offering remote GP, mental health and physiotherapy appointments via video consultation
Family - Enhanced maternity and paternity pay along with a flexible return to work
Benefits - Police Digital Service (pds.police.uk)
Diversity, equity and inclusion
We are committed to equal opportunity for all and will not discriminate on any grounds. We encourage applications from people from the widest possible span of experience.
This is a remote role.