Salary: £28,884 - £30,416 (dependent on experience)
Location: Vauxhall, London
The Medicines and Healthcare products Regulatory Agency (MHRA), an Executive Agency of the Department of Health, is responsible for safeguarding public health by ensuring that all medicines, healthcare products and medical equipment meet the appropriate standards of safety, quality, performance and efficacy.
Within the MHRA, the Information Management Division (IMD) is responsible for the support, operations and development of the IT systems that support the Agency's business.
Purpose of Role:
The IT Security Officer role is to co-ordinate all aspects of IT security within the MHRA. This is an important role as it covers many different aspects of the operation and will require close and effective liaison with Accenture, our IT services provider. The role is to understand the technical and business aspects of IT risk, as well as present the risks in a language the business understands. The role requires technical security experience as well as a strong understanding of business concepts.
- Maintenance of GSI compliance status, including the relevant documents sets
- Implementation of best practice Information Governance in accordance with the Agency's business needs
- Compliance with ISO27001
- Providing a central focus point for security incidents and guidance: - Ensuring that all security incidents are reported, investigated and resolved,
- Keeping management aware of legislative and technical changes that could affect the operational integrity of our systems
- Working with Accenture on developing and executing regular tests of network firewalls and other security devices
- Reviewing system changes and developments to ensure that security aspects have been considered
- Raising and maintaining security awareness within the Agency
- Providing regular reports to management on the status of operational security
- Liaison with other Government Departments acting as the interface for the Information Governance Assurance Program (IGAP)
- Maintenance of a security risk register
Essential criteria to apply: (shortlist and interview criteria)
- 1. Basic knowledge of ISO27001 will be required in this role
2. An appreciation of the security implications of large IT systems and an understanding of IT security principles
3. Good communication skills, both orally, including liaison with senior staff both internally and externally, and written, including presentation of complex information in a concise, accurate and understandable way
4. Experience of working within a computer services environment, with a good working knowledge of I.T systems
5. An ability to understand the risk/benefit implications of IT security and a proven track record in the practical demonstration of this in implementing business solutions
6. Prioritisation of work to meet deadlines whilst maintaining a high quality of deliverables
7. Competence in considering, interpreting and explaining legislation
8. Proven ability to build working relationships with principal customers
9. Experience in taking the lead in dealing with complex problems which require input from others
10. Ability to work through people to achieve objectives
11. Willing to train in an accepted security standard certification
The role has the potential to develop; gaining knowledge and experience of security work, particularly surrounding the technical key responsibilities. We are therefore looking for someone with an interest in information management, willing to be trained in an accepted security standard certification.
The above criteria will be used when shortlisting applications for interview and as a basis for the interview questions. It is therefore important that you clearly explain on your application form how you meet the essential criteria.
We are an equal opportunities employer and welcome applications from suitably qualified people regardless of, gender, sexual orientation, marital status, race, religion, politics or disability.
Please note that all positions in the MHRA require good all round IT skills, particularly MS Office. However, some positions require more specialist skills. Please refer to the essential criteria for the post above for more detailed information about the IT requirements of this post.
Please note that the full salary pay range for these roles is £28,884 - £36,765. Progression to the maximum of the salary range will be dependent on performance.
Closing date: 6th November 2009