This role is key in enabling Parliament to improve the management of its information security, through assessment, monitoring and mitigation of risks and issues. You will be expected to acquire and maintain an up-to-date functional knowledge of information rights legislation, whilst also knowing when to seek support and advice from experts in other departments.
You will not only coordinate and manage the information risks, but also contribute to the ongoing risk management maturity of Parliament, working closely with the Head of Information Security Risk and the Director of Information Security. This includes collaborating with the accreditation programme to build and maintain a broader picture of Parliament’s risk profile. You will also be working alongside other key stakeholder in other directorates and have the opportunity to learn and develop your skills.
You will also provide part-time support to the Deputy DIROs of PDS with assessing risk for PDS itself, monitoring PDS’s compliance with information law and mitigation of PDS specific risks and incidents.
The ideal candidate will have a strong understanding of risk principles and the ability to not only apply policies, but to contribute to policy and process development.
- Supporting the accreditation process in Parliament which assures the security of digital solutions.
- Providing secretariat support to key working groups including: R&R Tier Data, Digital and Cyber Security Group.
- Contribute to continued improvement of information security processes and methods.
- Supporting Parliament with supplier due diligence.
- Assisting Deputy DIROs and DIRO with communication to/from PDS colleagues to raise awareness of key Information Management (IM) areas and to build mutually beneficial relationships. Providing support in sharing learning to/from the wider DIRO (Commons) and Information Security Coordinator (Lords) networks.
- Gathering data and undertaking analysis to assess team health & maturity in terms of information management across different PDS directorates, in order to assist in prioritisation of IM improvement activities including information ownership.
- Collaborating with teams to identify and support the next steps to improve IM with regards to completion and maintenance of registers (Record of Processing Activities (RoPAs) and Information Asset Registers (IARS)) across PDS.
- Co-ordinating and supporting the delivery of formal and informal, general and tailored training for the necessary skills and knowledge for teams to fulfil their Information Security responsibilities and comply with legislation and best practice.
- Lead the development of bespoke materials, in collaboration with PDS colleagues, Information Compliance teams, IRMS and Information Strategy & Governance.
- Information loss reporting, investigation and lessons learned activities.
The above list of key responsibilities is not exclusive or exhaustive and the post holder will be required to undertake such tasks as may reasonably be expected within the scope and banding of the post.
The Parliamentary Digital Service, a joint department of both Houses of Parliament, provides technology and intranet services to all Parliamentary users. It is also responsible for the strategic direction of Parliament’s digital offering through Parliament's Digital Strategy and the delivery and management of parliamentary digital platforms, including the website. We support Parliament through our team of over 450 dedicated and professional digital colleagues. There may be an opportunity for the post holder to undertake related training including the possibility of gaining an information security qualification.
The post holder will be expected to operate in line with the Parliamentary Digital Service workplace values which are:
- Care – Caring for ourselves, each other, and the people who use our services
- Confidence – Believing in the value of what we do and showing pride in our work
- Community – Working together as one team and building communities to share skills and expertise
- Curiosity – Learning, listening, and challenging to be the best at what we do
- Ability to identify opportunities and areas of improvement. Be able to propose improvement activities working with stakeholders.
- Demonstrable ability to investigate, articulate and improve solutions which reduce information risk in conjunction with ongoing operational business needs.
- Ability to support, motivate and share best practice with specific reference to Information Management and Information Security.
- Effective and engaging communication skills with the ability to adapt approach (in writing and in person), including active listening skills, to inform and refine plans and delivery approaches.
- Ability to work collaboratively and inclusively with diverse stakeholder across PDS and Parliament using good influencing, negotiation and facilitation skills to respond effectively in challenging situations.
- (Desirable) An awareness of UK GDPR application, other information law and managing information risk in a complex organisation.
Apply By: 30th November 2023 at 23:55
Interviews: 11th December 2023
Format: Presentation + Panel Interview (Remote)