Job Description

Details

-----------

Reference number

429630

Salary

62,011
GBP

Job grade

Other

Contract type

Permanent

Type of role

Other

Working pattern

Full-time

Number of jobs available

1

Contents

------------

Location About the job Things you need to know Apply and further information

Location

------------


Scotland

About the job

-----------------

Job summary

Forestry and Land Scotland (FLS) is an Executive Agency of the Scottish Government. We look after more than 630,000 hectares of Scotland's forests and land, managing them to deliver a wide range of economic, environmental, and social benefits.



Our

Digital Services team

plays a key role in delivering technology, infrastructure and data solutions that support sustainable land management, enable innovation, and underpin our Net Zero ambitions.



We are a supportive and inclusive team committed to professional growth, work-life balance, and flexible working. You will work alongside colleagues across FLS and wider public sector partners to make a tangible impact.

Job description

The Lead Security Architect is responsible for delivering the secure design and development of digital solutions. You will support the Head of Digital Services and the Digital Services Leadership Team in the security engagement for all activities and projects ensuring that good security design is embedded.



This challenging role incorporates aspects of security architecture, cyber risk management and cyber security policy. You will collaborate with colleagues to identify new opportunities for exploiting emerging technologies and support the development of architectures, patterns and approaches to support their safe use. You will be pragmatic to help ensure delivery of systems that meet the desired business outcomes with security decisions and controls being proportionate to the risk.



You will build effective partnerships with diverse teams across multiple locations and technologies and effectively communicate security and risk implications across technical and non-technical stakeholders. You will review critical architecture referencing National Cyber Security Centre (NCSC) guidelines and support others on all aspects of security architecture and best practice.

Person specification

Experience


Essential:

Practical experience in helping to design and review secure systems, including both high-level and detailed technical designs, following clear design guidelines and best practices; Making decisions based on risk, using trusted methods to check and manage information security; Proficiency in applying security concepts to a technical level, including working with security tools, network security infrastructure technologies, and information security management frameworks (e.g., ISO 27001, NIST, CE/CE+); Effectively translate and accurately communicate security and risk implications to technical and non-technical stakeholders; Manage stakeholder expectations and be flexible, adapting to stakeholder reactions to reach consensus; Strong understanding of NCSC information security guidance and architecture patterns; Delivering expert advice and assurance on complex risk, threat and resilience matters.


Desirable:

Knowledge of Secure by Design principles Experience with penetration testing and the ability to effectively translate cyber risk analysis into standards, patterns, and approaches to enable the safe exploitation of current and emerging technologies Contributing to enterprise-level digital transformation and modernisation initiatives Supplier management and contract oversight for cyber tooling and services


Technical


Essential:

In-depth knowledge of cyber and information security standards and frameworks (e.g. NIST, ISO27001, Cyber Essentials Plus) Experience with SIEM, vulnerability management and security tooling Understanding of digital architecture and cloud security principles Familiarity with DPIAs, cyber audit processes and threat intelligence sources


Desirable:

Formal security qualifications (e.g. CISSP, CISM, ISO27001 Lead Implementer) Experience working with UK Government security classifications and risk management standards (e.g. IS1/2, HMG SPF)

Things you need to know

---------------------------

Selection process details

Please see our recruitment portal for further details.



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:


UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.



We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles .
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy .

Apply and further information

---------------------------------


Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

#

Job contact :

Name : David Exeter Email : David.exeter@forestryandland.gov.scot
#

Recruitment team

* Email : Resourcing@forestryandland.gov.scot