ICT Assurance GRC Data Analyst

Education Authority
Belfast
5 months ago
Applications closed

Related Jobs

View all jobs

Microsoft Fabric Data Engineer

JOB PURPOSE


To implement information security compliance activities for EA, ensuring compliance with relevant cyber and information security policies, standards and guidance.
To operationally manage cyber incident response for the organisation, co-ordinating external and internal resources in responding to suspected security breaches and leading the subsequent root cause analysis and lessons learned reviews.
To ensure that the confidentiality, integrity and availability of EA’s assets, information, data and IT services supports the organisation to achieve the corporate objectives.
To protect the interests of those relying on information, and the systems and communications that deliver the information, from harm resulting from failures of confidentiality, integrity and availability.
The objectives of the post will be met when:
Information is observed by or disclosed to only those who have the right to know (confidentiality)
Information is complete, accurate and protected against unauthorised modification (integrity)
Information is available and usable when required, and the systems that provide it can appropriately resist attacks and recover from or prevent failures (availability)
Business transactions, as well as information exchanges between enterprises, or with partners, can be trusted (authenticity and non-repudiation)

Leadership and management responsibilities


The GRC Data Analyst has the following leadership responsibilities for this portfolio of services:


Setting Vision and Strategy

Work with the ICT Assurance Compliance Lead to establish, maintain and communicate a clear and compelling strategic direction for information security across EA. 


Contribute to the development of a strategic plan for cyber security, Risk and compliance in EA. 
Contribute to the development and implementation of new compliance metrics and reporting including policies, compliance frameworks and processes in line with strategic direction and other public sector/cyber security organisations.
Challenge conventional approaches, harness new approaches and technology and maximise efficiencies and take an automated approach to report on Cyber Security Risk and Compliance within EA.

Managing the Organisation to Deliver

Manage service delivery effectively to ensure that the section achieves the highest possible standards of performance and focuses on the needs of internal and external customers.


Agree service performance targets with the ICT Assurance Compliance Lead and other EA Head of Services and provide regular progress reports at SMT/ Directorate level and occasional reports to Board level.
Regularly engage with the Compliance Lead to monitor and review plans and make adjustments as required. 
Manage and continuously improve the section to ensure delivery against performance targets, and to ensure that best value for money is achieved. 
Ensure that the service contributes to overall Directorate and Corporate performance as appropriate and provide update reports as required. 
Ensure that the ICT Assurance Compliance Lead receives high quality service-specific advice.
Apply resources effectively across the section to maximise the delivery of front-line services. 
Ensure compliance with relevant legal, regulatory and statutory performance requirements. 
Assist the Compliance Lead to ensure that ICT Assurance compliance service budgets are managed in accordance with all relevant financial policy and procedures.
Contribute effectively to quality and performance management systems and ensure that the section is being managed as per the requirements of these systems. 
Assist the Compliance Lead to investigate all complaints and adverse incidents where outcomes are below expected standards.
Establish effective and rigorous quality assurance systems to maintain high standards.

Leadership

Work closely with the Head of ICT Assurance and the Compliance Lead to provide the section with leadership and direction ensuring that corporate, directorate and service performance standards are achieved. 


Promote the ethos and values of the authority and ensure that the section is focused on customer needs. 
Foster a culture that supports achievement of the authority’s Strategic Plan by role modelling core values and leadership behaviours to staff in the section.
Lead/manage and communicate change and improvement initiatives within the section.
Lead, manage and develop staff within the section.
Actively encourage teamwork and self-development, and create opportunities to maximise individuals’ potential, stimulate innovation and connection at all levels with front line services.
Promote a positive culture of performance management within the section through individual and small-team accountability. Foster a culture of constructive feedback and learning, and a genuine commitment to regular and effective appraisals.
Prepare and deliver reports on behalf of the ICT Assurance Compliance Lead as required. 

Building Relationships and Working with Others 

Build and maintain effective, professional and respectful stakeholder relationships. 


Ensure efficient and effective internal communication with staff in the section.
Work closely with partner organisations, the ICT Assurance Compliance Lead and colleagues to benchmark services and lead/manage and monitor change.
Build and maintain effective working relationships and clear lines of communication with the ICT Assurance Compliance Lead and the Head of ICT Assurance, other Heads of Service within the Directorate and in other Directorates and the ICT Senior Management Team.
Develop and maintain clear lines of communication and effective working partnerships with relevant external stakeholders and service user groups.
Work with the Compliance Lead to manage engagement with staff, schools and the public on major changes in the service that may affect them.
Work with external agencies; for example, education sector partner organisations, to identify opportunities for joint working that might bring greater consistency across the sector, and/or improve efficiency and effectiveness of service delivery.

Section-specific responsibilities


The following list provides an outline of the key responsibilities. It does not, however, represent a comprehensive list of tasks.


Control

Support the Compliance Lead to establish a compliance Reporting System.


Support the Compliance Lead to establish in taking a data driven approach to inform Cyber security standards, policies and controls.
Support the Compliance Lead to develop governance and an operational team for monitoring indicators of compromise and responding to information security incidents.
Establish and control compliance with information security auditing, monitoring, and evaluation against policy, standards and guidance.

Plan

Devise and recommend appropriate mechanisms for measuring security compliance, based on an understanding of the requirements of the organisation.


Gather requirements from such sources as security tools, business and service risk, plans and strategies, service and operational level agreements, and legal, moral and ethical responsibilities for information security.
Consider factors such as the amount of funding available and the prevailing organisational culture and attitudes to security.
Develop a data driven approach to cyber security risk assessment to inform the development of security requirements.
Develop compliance and cyber incident monitoring plans.

Implement

Ensure that appropriate procedures, tools and controls are in place including security compliance monitoring and reporting. 


Determination of a clear and agreed compliance framework, integrated with the needs of the business.
Provide effective marketing and education in security compliance risks and requirements.
Provide security data to support organisational audits.
Evaluate operational information security implementation risk.
Promote security awareness by developing and implementing a security awareness and training programme around compliance, using a data driven approach
Establish a mechanism for measuring and managing compliance and incident management improvement.

Evaluate

Supervise and check compliance with the security policy and security requirements in service and operational level agreements, and in underpinning contracts with suppliers.


Carry out regular audits of the technical security configuration of IT systems and supporting processes during and post implementation.
Provide compliance and incident management information to external auditors and regulators as required.
Monitor Critical Success Factors (CSFs) and Key Performance Indicators (KPIs) for information security.

Maintain

Improve security arrangements as specified in service and operational level agreements and other documentation.


Improve the implementation of security measures and controls.
Carry out continual service improvement in relation to information security.
Work towards independent certification against ISO/IEC 27001 and CAF.

This job description is intended to provide a broad outline of the responsibilities and is not intended to be exhaustive. Other reasonable duties may be assigned by the ICT Assurance Compliance Lead and Head of ICT Assurance in consultation with the post-holder. 

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Write a Machine Learning Job Ad That Attracts the Right People

Machine learning now sits at the heart of many UK organisations, powering everything from recommendation engines and fraud detection to forecasting, automation and decision support. As adoption grows, so does demand for skilled machine learning professionals. Yet many employers struggle to attract the right candidates. Machine learning job adverts often generate high volumes of applications, but few applicants have the blend of modelling skill, engineering awareness and real-world experience the role actually requires. Meanwhile, strong machine learning engineers and scientists quietly avoid adverts that feel vague, inflated or confused. In most cases, the issue is not the talent market — it is the job advert itself. Machine learning professionals are analytical, technically rigorous and highly selective. A poorly written job ad signals unclear expectations and low ML maturity. A well-written one signals credibility, focus and a serious approach to applied machine learning. This guide explains how to write a machine learning job ad that attracts the right people, improves applicant quality and strengthens your employer brand.

Education Jobs

Maths for Machine Learning Jobs: The Only Topics You Actually Need (& How to Learn Them)

Machine learning job adverts in the UK love vague phrases like “strong maths” or “solid fundamentals”. That can make the whole field feel gatekept especially if you are a career changer or a student who has not touched maths since A level. Here is the practical truth. For most roles on MachineLearningJobs.co.uk such as Machine Learning Engineer, Applied Scientist, Data Scientist, NLP Engineer, Computer Vision Engineer or MLOps Engineer with modelling responsibilities the maths you actually use is concentrated in four areas: Linear algebra essentials (vectors, matrices, projections, PCA intuition) Probability & statistics (uncertainty, metrics, sampling, base rates) Calculus essentials (derivatives, chain rule, gradients, backprop intuition) Basic optimisation (loss functions, gradient descent, regularisation, tuning) If you can do those four things well you can build models, debug training, evaluate properly, explain trade-offs & sound credible in interviews. This guide gives you a clear scope plus a six-week learning plan, portfolio projects & resources so you can learn with momentum rather than drowning in theory.

Jobs

Neurodiversity in Machine Learning Careers: Turning Different Thinking into a Superpower

Machine learning is about more than just models & metrics. It’s about spotting patterns others miss, asking better questions, challenging assumptions & building systems that work reliably in the real world. That makes it a natural home for many neurodivergent people. If you live with ADHD, autism or dyslexia, you may have been told your brain is “too distracted”, “too literal” or “too disorganised” for a technical career. In reality, many of the traits that can make school or traditional offices hard are exactly the traits that make for excellent ML engineers, applied scientists & MLOps specialists. This guide is written for neurodivergent ML job seekers in the UK. We’ll explore: What neurodiversity means in a machine learning context How ADHD, autism & dyslexia strengths map to ML roles Practical workplace adjustments you can ask for under UK law How to talk about neurodivergence in applications & interviews By the end, you’ll have a clearer sense of where you might thrive in ML – & how to turn “different thinking” into a genuine career advantage.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.