Information Governance Policy and Procedure Author - Slough

IT/Information/Business Risk
Ref: 72 Date Posted: Monday 14 Sep 2020
LinkedIn ShareShare
More
Location: Buckinghamshire
Reports to Group CISO
Fixed Term Contract for a 1-year period initially but may extend beyond this.
 

The Role

 
We have a number of projects which develop solutions in partnership with external parties often in other countries.  These require information sharing, sometimes of classified documents.  In the civil nuclear sector, there are a number of regulations which apply to projects of this type.  Examples of regulatory areas include:
• Physical security of the information
• Information classification
• Assurance of systems
 

This role is to develop the policies and procedure set which will be required to manage collaborative projects of this type.  This Policy and Procedure Author role is for a 1-year period initially but may extend beyond this. 

 
The key responsibilities of this role will be to:
• Write version-controlled policies, procedures and guidelines
• Engage and gain buy-in from stakeholders
• Work with international collaborators
• Drive approval process
• Factor in information classification distinctions
• Think about ongoing assurance and audit – this needs to be practical and pragmatic both internally and externally
• Consider and incorporate regulatory aspects – for example: List N, SALs, international information transfers
• Ensure that appropriate security language is incorporated in project contracts
 
Policies and Procedures will cover covers aspects such as:
• Nuclear Information Classification and marking
• Information Handling
• Personnel Vetting
• List N
• Security Aspects Letters
• Government Security Classifications
• Export Control Regulations
• GDPR
• Assurance of IT systems used to access information
• Physical Security 
 
We’re looking for a self-motivated self-starter, with great attention to detail, who is capable of working with multiple stakeholders.
 
This role reports to the Group CISO and is based full time nr Slough (working from home during Covid-19 lockdown).  Home working may be considered for an exceptional candidate. 
Occasional travel may be required.
 
This role will require SC clearance.
 

General Expectations:

 
Written policy must be simple and clear so that it can be easily understood by every employee. Policy must also be comprehensive and able to address questions or situations that may arise. Such work requires that policy writers be aware of these potential situations or questions at every level of the company or corporation's work. Maintaining policy manuals requires that policy writers keep accurate files. All updates, revisions and deletions must be recorded and easily accessible.
 
Writing and introducing policy also entails ensuring that policy is not contradictory to any departmental or company guidelines or objectives. This includes ensuring that policy is both in line with the company mission and the laws of the community. Often, this work can entail legal research or consultation.
 
Policy writers compose, maintain and clarify the policies and procedures of the company, organization or corporation for which they work. Often assigned with the task of writing a policy manual, as well as the procedures by which to introduce such changes to the manual, policy writers act as liaisons between employees and employers vis-à-vis corporate or company guidelines. In addition, policy writers introduce these company policies internally and externally. Beyond introducing new rules and programs, policy writers often ensure the implementation of new and revised policies and guidelines.
Main Responsibilities  
• See above
 
Job requirements 
 
Vocational Qualifications:
• Demonstrable experience of writing high quality, clear, user-focused policies and procedures.
• Relevant experience of working in the civil nuclear sector with understanding of security aspects
• Proven ability to deliver to time and quality.
• Experience of working in a global organisation delivering output through a matrixed relationship.
Behavioural competencies:  
• Motivated, self-starter with great attention to detail
• Sense of urgency for rapid delivery.
• A team focused mentality with excellent relationship management skills.
• Fast learner who can assimilate information quickly.
• Excellent organizational skills.
Experience required:
• Demonstrable experience of developing nuclear security policies and procedures
Specific knowhow and technical skills:
• Understanding of nuclear regulations