Overview:
We are currently seeking applications for a Cyber Security Analyst within the Accountant in Bankruptcy based in AIB Kilwinning. These are permanent and pensionable appointments and new entrants will normally start on the minimum of the pay range. Candidates with a disability who meet the essential criteria below will be invited to the assessments.

DDaT Pay Supplement
This post attracts a £5,000 DDaT pay supplement after a 9 months DDaT competency qualifying period. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review.

Overview
The Accountant in Bankruptcy (AiB) is an Executive Agency of the Scottish Government with responsibility for administering the process of personal bankruptcy, administering the Debt Arrangement Scheme and recording Corporate Insolvencies in Scotland. The Agency operates independently and impartially whilst remaining directly accountable to Scottish Ministers.

AiB has an ongoing Programme to identify, evaluate and improve its business processes and continually seeks to improve and transform its processes, systems, and services for the digital age.

Our Digital Services provide a significant entry point for our customers who face financial distress. AiB Digital Transformation team provides a critical role to ensure the organisation has digital capabilities, capacity and are cyber resilient.
Responsibilities:
Information Security:
Provides advice and guidance on the application and operation of elementary procedural and technical security controls. Performs security risk, vulnerability assessments, and business impact analysis for small to medium complexity information systems. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate.
Security Administration:
Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures providing guidance on access rights and privileges
Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
Vulnerability Management:
Maintains current knowledge of malware attacks, and other cyber security threats analysing and prioritising vulnerabilities
Raises requests through incident management system, detailing the vulnerability, assets impacted and required remediation activity working to understand the priority and required actions, tracking each vulnerability through to remediation.
Reports upon success of vulnerability management through the appropriate risk boards.
Security Monitoring:
Monitors the Security Information and Event Management tool for alerts, investigating and resolving or escalating as appropriate. Support in the on-boarding of new systems into the SIEM solution, identify the use case for the logs, appropriate alerts and the playbooks that will be followed to resolve the alert.
Recommend service improvements to reduce resource overhead, facilitate quicker remediation of vulnerabilities or reduce risk to the organisation.

Competencies
Self-Awareness
Analysis and Use of Evidence
Improving Performance
Communications and Engagement
Technical
Essential Criteria & Qualifications:
Essential Criteria
1. High level knowledge and understanding of the internal and external cyber security risks to IT systems, services and data storage.
2. Experience of working with cyber security technologies such as security monitoring, vulnerability detection, privilege access management, penetration testing, sandboxing etc.
3. Knowledge of Government and International Security standards, e.g. HMG Security Policy Framework, Cyber Essentials Plus, ISO 27001 (Information Security Standard), PSN accreditation requirements, CBEST, PCI-DSS etc.
4. The ability to analyse, interpret and apply complex technical information.

Further Information
To apply please submit a CV outlining your relevant skills and experience for the role (no more than 2 sides of A4) and a personal statement (of no more than 750 words). When considering how your experience relates to the role, please tailor your CV and personal statement to reflect the role and the essential skills/criteria as described in the job description/person specification. CV and personal statement must be one document.

For further information on this vacancy please download and review the “Further Information for Job Applicants” which you will find below.

Person_Specification_Band_B_Updated_9.9.22_PDF
DDaT_Recruitment_-_COVID-19_Candidate_Guide
DDaT_Recruitment_-_Further_Information

To learn more about this opportunity, please contact [email protected] .

The Scottish Government is a diverse and inclusive workplace and we want to help you demonstrate your full potential whatever type of assessment is used. If you require any adjustments to our recruitment process, please let us know via [email protected]

Important Information Regarding Interviews
In recognition of the Scottish Government’s ongoing measures and guidance in its response to Covid-19 (Coronavirus), we would like to advise applicants that a decision has been taken that all interviews must be conducted in a virtual/remote setting.

In order to facilitate this new way of working, we are asking all applicants to ensure that they have a suitable space to complete the virtual interview as well as a personal device of choice with an account registered to either ‘Microsoft Teams’ or ‘Webex’ applications by which you can undertake the interview/assessment if selected. Should you be invited to interview, you will be told which platform the event will take place on. We are also asking you to ensure that your personal Wi-Fi/Broadband capacity will be sufficient to carry both audio and video feeds to undertake the interview. This will then ensure that there are no issues incurred during the interview.

If you experience any difficulties accessing our website or completing the online application form, please contact the resourcing team via [email protected]