Cyber Assurance Officer

INTERNAL ONLY VACANCY. This post is open to existing Leeds City Council employees only. Applications will not be considered from external candidates.

Job title: Cyber Assurance Officer

Salary: SO2 £37,280 - £39,152       

Hours: 37

Contract: Permanent

Location: Home and Office Based

As a Cyber Assurance Officer you’ll play a key role in protecting Leeds City Council’s information systems and services from ever-evolving cyber threats.  You’ll be part of a forward thinking security team, ensuring our organisation remains robust, compliant, and trusted.

Leeds City Council is one of the largest employers in the region with over 14,000 employees. We seek to recruit and develop talented individuals who embody our council values and ambitions.

About you

As a Cyber Assurance Officer, you will thrive on:-

  • Monitoring for emerging threats and helping to protect us against Cyber attacks
  • Tackling complex security challenges and finding practical, people and technology focussed solutions
  • Collaborating across teams to embed strong cyber awareness and resilience
  • Turning data and technical insight into clear, actionable recommendations
  • Knowing your work directly contributes to protecting vital public services

About the role

As our next Cyber Assurance Officer, you will bring:-

  • A strong understanding of cyber security principles, frameworks and risk management
  • The ability to assess systems for emerging threats
  • The ability to assist in the creation and adherence to policies and protocols
  • Excellent communication skills with the ability to explain complex concepts in plain English
  • A proactive, collaborative approach, with a focus on continual improvement
  • Integrity and a commitment to public service values

The role is integral to our Cyber Assurance team to help ensure that our residents, partners and staff can rely on the confidentiality, integrity and availability of the information and systems they depend on every day.  You’ll be integral to building and maintaining a culture of security across the organisation, supporting the team make informed decisions that protect Leeds City Council.

What we offer you

We take pride in offering the best employee experience, with benefits including:

  • a competitive salary and annual leave entitlement plus statutory holidays
  • membership of the West Yorkshire Pension Fund with generous employer contributions
  • flexible and hybrid working arrangements subject to service requirements
  • a clear career pathway and continuing professional development opportunities
  • a range of staff benefits to help you boost your wellbeing and make your money go further

How to apply

Please upload your CV and complete a personal statement of no more than 500 words.

Read our guidance for further advice on completing your application.

If you have any queries or would like an informal chat about the role, please contact Peter Jordan  email peter.jordan@leeds.gov.uk 

A Disclosure and Barring Service (DBS) check against the Children’s or Adults’ barred list as applicable will be carried out on preferred candidates. Read our recruitment of ex-offenders policy.

We welcome applications from everyone and actively seek a diverse range of applicants from all backgrounds and cultures. We particularly encourage applications from, but not limited to, women, carers, veterans as well as LGBT+, ethnically diverse, disabled and care experienced people.

This role is based in the UK. Home Office guidance states that candidates must evidence their right to work in the UK prior to commencing employment, either as a UK or Irish citizen, under the EU Settlement scheme or having secured any other relevant work visa.

If you do not have the right to work in the UK, you must consider your own eligibility for sponsorship for a particular role through the Skilled Worker visaroute before applying. To be eligible for sponsorship you'll usually need to be paid the standard salary rate of at least £41,700 per year or meet one of the other eligibility criteria. Please ensure you are eligible before applying.

Job Description

Job purpose The primary purpose of this role is to ensure that our cyber security measures are robust, effective, and compliant with relevant standards and regulations. 

The Cyber Assurance Officer will assist in developing and implementing comprehensive cyber assurance policies and procedures, and conduct regular security assessments and audits, monitor and review security controls, and identify potential risks. This role involves close collaboration with IDS colleagues and other departments to promote a strong culture of cyber security across the organisation, supporting the development and delivery of cyber security awareness training for staff, ensuring that all employees are informed about the latest threats and how to mitigate them. While keeping aware of the latest cyber security trends and threats, the Cyber Assurance Officer will also prepare reports on security assurance activities and findings for senior management.

Responsibilities

  • Conduct regular security assessments and audits to ensure compliance with relevant standards, frameworks, and regulations. (For example, PSN, PCI-DSS, and Local Government CAF) to identify vulnerabilities and recommend improvements.
  • Assist in developing and implementing comprehensive cyber assurance policies and procedures, and conduct regular security assessments and audits, monitor and review security controls, and identify potential risks.
  • Collaboration with IDS colleagues and other departments to ensure security best practice is followed and promote a strong culture of cyber security across the organisation.
  • Support the development and delivery of cyber security awareness training for staff, ensuring that all employees are informed about the latest threats and how to mitigate them.
  • Maintain up-to-date knowledge of the latest cyber security threats and trends, preparing reports on security assurance activities and findings for senior management.
  • Monitor and review security controls to identify and mitigate risks.
  • Monitor and analyse security alerts and incidents, and assist in the response and resolution of security breaches.
  • Participate in the development and testing of incident response plans.
  • Conduct risk assessments and provide recommendations for risk mitigation.
  • Maintain manual and digital records accurately collating and processing information from a variety of sources including basic reports Preparation of reports on security assurance activities and findings for senior management in accordance with the requirements of GDPR
  • Be aware of relevant legislation, guidance, policies and interpret and apply them consistently.
  • Provide general advice or guidance on internal policies/procedures in relation to Cyber Security
  • The duties outlined are not meant as an exhaustive list and will also comprise any other duties within the spirit of the post commensurate with the job evaluation outcome for this post.

Qualifications Degree level or equivalent knowledge and experience e.g. Cyber Security, Information Technology, Computer Science, or a related field, is essential.  Relevant certifications such as Certified Ethical hacker (CEH), CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or similar knowledge or internship in cyber security or assurance is desirable.

Essential requirements Candidates will only be shortlisted if they can demonstrate that they meet all the following essential requirements:

  • Able to work effectively as part of a team and to demonstrate organisational and time management skills prioritising own and team’s work to meet conflicting deadlines
  • Able to develop constructive working relationships and work in partnership with others
  • A flexible approach to working hours with the ability if required to work out of normal hours to respond to emergency situations
  • Able to work within and interpret financial policies and procedures ensuring value for money
  • Able to accurately enter and retrieve data and information from digital and manual systems producing basic reports and data for senior managers
  • Able to communicate appropriately and effectively with a wide range of people including internal and external partners and customers through a variety of different methods
  • Able to use initiative to develop solutions to ensure effective delivery of the service
  • Strong analytical and problem-solving skills.
  • Understand responsibilities in terms of Health, Safety, Wellbeing, security, confidentiality and data protection
  • Knowledge of cyber security principles and practices.
  • Understand common security tools and technologies, for example Security Information and Event Management (SIEM) Systems, Vulnerability Management platforms, Penetration Testing Tools.
  • Experience of assisting in the training/mentoring of staff in relation to Cyber Security
  • Experience of working as part of a team
  • Experience of preparing and presenting reports and data to managers

Essential Behavioural & other Characteristics

  • Understand and embrace Leeds City Council Values and Behaviours and codes of conduct
  • Committed to continuous improvement in all areas and work towards delivering the Best City Ambition of Health & Wellbeing, Inclusive Growth and Zero Carbon
  • Able to understand and observe Leeds City Council policies and procedures.
  • Carry out duties having regard to an employee’s responsibility under Health, Safety and Wellbeing
  • Participate in appraisal, training and development activities to ensure up, to date knowledge and skills.
  • Be aware of and support difference and ensure equality for all working in an anti-discriminatory manner, upholding equality & diversity of Leeds City Council.
  • Recognise and appropriately challenge any incidents of racism, bullying, harassment, victimisation, and any form of abuse, reporting any concerns to the appropriate person
  • Flexible and adaptable to change to assist other services as required commensurate to grade.
  • The Council has adopted a flexibility protocol and the role will be expected to work within these parameters.

Desirable requirements Candidates are not required to meet all the following desirable requirements however these may be used to distinguish between candidates.

  • Familiarity with common security tools and technologies, for example Firewalls, Antivirus and Anti-malware Software, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), Encryption Tools, Network Monitoring Tools, Password Management Tools, Endpoint Protection Platforms (EPP)

#INT

#LI-DNI

Apply for this job
  • logo-mindful-employer.
  • logo-disability-confident-leader
  • logo-apprenticeships
  • ogo-age-friendly-leeds
  • logo-child-friendly-leeds
  • Stonewall LGBTQ+ inclusive employer gold awards 2024
  • Armed forces covenant