
ID2022-3606 - Security and Information Risk Advisor

Salary - £39,659 - £47,485

Location - Dundee or Glasgow

Hours - 37 hours per week

Closing Date - 5th October 2022 at Midnight

Reference - 2022-3606

Employment Type - Permanent


We are currently seeking applications for a Security and Information Risk Advisor based in Glasgow or Dundee. This is an exciting opportunity to lead on technical projects as the security representative. The post holder will provide pragmatic security and information assurance advice to a range of stakeholders including business areas and the wider Scottish public sector. A security qualification or professional security certification is desirable but relevant experience will be considered.

As a Security and Information Risk Advisor you will be the security representative in a multi-disciplinary agile team responsible for developing the technical solution for the administration of devolved benefits.

The Security and Information Risk Advisor (SIRA) is responsible for overseeing information risk management policy across Social Security Scotland and co-ordinating risk assessment activities on behalf of the Senior Information Risk Owner.

This post attracts a £5000 Digital, Data and Technology (DDaT) pay supplement after a 3-month DDaT competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review. This post is part of the Scottish Government DDaT profession. As a member of the profession you will join the professional development system, currently BCS RoleModelplus.

Main Duties

Security Risk and Information Advisors support effective information security risk management by providing advice and guidance on the proportionate and effective specification, implementation, and operation of cyber security controls to protect the integrity, availability, authenticity, non-repudiation and confidentiality of Scottish Government information. Security Risk and Information Advisors also provide guidance on the compliance of information systems with legislation, regulation and relevant standards.

Security and Information Risk Advisors:

• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.

• Obtain and act on vulnerability information and conduct security risk assessments and business impact analysis on complex information systems.

• Investigate major breaches of security, and recommend appropriate control improvements.

• Contribute to development of information security policy, standards and guidelines. Interpret information assurance and security policies and apply these in order to manage risks.

• Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines

• Use control testing information to support information assurance assessments

• Contribute to the development of policies, standards and guidelines

Additional Duties:

• Management responsibilities for a small number of Security Risk and Information Advisor support staff

• Representing Digital Risk and Security on project teams and boards (including external) as required

• Liaison with and support of other Digital Risk and Security functions.

• Management of problems and issues, resolutions, corrective actions, and lessons learned

• Collection and dissemination of relevant information and risk management advice

• Collection of feedback from customers in order to develop and enhance customer and stakeholder relationships

• Assessing the robustness of third party suppliers’ control environments.

Further Information

Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at

More information about the role and how to apply is available at: Security and Information Risk Advisor | Careers at Social Security Scotland (
