Dear Ian Mitchell,

 

Thank you for making a request for information to the London Borough of
Enfield, received on 08/12/2024.

 

We are aiming to respond to your request within 20 working days of receipt
of your request and will let you know if we hold the information you
requested and whether or not we can release it under the Freedom of
Information Act 2000.

 

We are now making an initial assessment of your request and we will
contact you if any clarification is needed.

 

If you have any queries regarding your request, please contact us at
[1][Enfield Council request email] quoting the reference number
above.

 

Kind Regards

 

Taz Anastassi

Complaints and Information Co-ordinator

Complaints and Information Team

Environment & Communities

Enfield Council

Silver Street

Enfield EN1 3XY

 

[2][Enfield Council request email]

 

Protect the Environment – Think Before You Print.

 

"Enfield Council is committed to serving the whole borough, fairly,
delivering excellent services and building strong communities."

[3]Signature

 

 

From: Ian Mitchell <[FOI #1211331 email]>
Sent: 08 December 2024 10:59
To: complaintsandinformation <[Enfield Council request email]>
Subject: Freedom of Information request - Recruiting for cyber security
roles

 

Dear Enfield Council,

When recruiting for cyber security roles, could you please advise what
qualifications you require from candidates applying for the following five
roles (or the equivalent job title)?

1. Junior / Trainee Cyber Analyst
2. Standard Cyber Analyst
3. Senior Cyber Analyst / Cyber Team Leader
4. Information Security Manager / Chief Information Officer
5. Senior Information Risk Owner (SIRO)

Yours faithfully,

Ian Mitchell

-------------------------------------------------------------------

Please use this email address for all replies to this request:
[4][FOI #1211331 email]

Is [5][Enfield Council request email] the wrong address for
Freedom of Information requests to Enfield Council? If so, please contact
us using this form:
[6]https://www.whatdotheyknow.com/change_re...

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[7]https://www.whatdotheyknow.com/help/offi...

For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[8]https://www.whatdotheyknow.com/help/ico-...
[9]https://www.whatdotheyknow.com/help/ico-...

Please note that in some cases publication of requests and responses will
be delayed.

If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.

show quoted sections

Dear Ian Mitchell

 

Thank you for your Freedom of Information request received 8^th December
2024. Please find the response to your request below.

 

If you are dissatisfied with the handling of your request, you have the
right to ask for an internal review. Internal review requests should be
submitted within two months of the date of receipt of the response to your
original letter and should be addressed to:

 

Complaints and Access to Information Team

Email – [1][Enfield Council request email]

 

Please remember to quote the reference number above in any future
communications.

 

If you are not content with the outcome of the internal review, you have
the right to apply directly to the Information Commissioner for a
decision. The Information Commissioner can be contacted at: Information
Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9
5AF

 

Kind Regards

DS Governance Team.

 

 

From: Ian Mitchell <[2][FOI #1211331 email]>
Sent: 08 December 2024 10:59
To: complaintsandinformation <[3][Enfield Council request email]>
Subject: Freedom of Information request - Recruiting for cyber security
roles

 

Dear Enfield Council,

When recruiting for cyber security roles, could you please advise what
qualifications you require from candidates applying for the following five
roles (or the equivalent job title)?

1. Junior / Trainee Cyber Analyst

This is an entry-level role, so the focus would be on foundational
knowledge and potential for growth.

 

Qualifications:

·       Essential:

o   CompTIA Security+ or equivalent foundational certification.

o   Awareness of cybersecurity principles (e.g., through coursework or
training).

·       Desirable:

o   Basic certifications in IT fundamentals.

o   Experience with common office productivity tools or interest in
SIEM/incident monitoring.

 

2. Standard Cyber Analyst

This role requires moderate experience and a deeper understanding of
cybersecurity concepts and tools.

 

Qualifications:

·       Essential:

o   CompTIA CySA+ or equivalent (e.g., Certified SOC Analyst).

o   Knowledge of SIEM platforms.

o   Proficiency with email security platforms.

o   Experience with vulnerability management tools.

·       Desirable:

o   Certifications in security, compliance, and identity fundamentals.

o   Certifications for VPN and firewall familiarity.

 

3. Senior Cyber Analyst / Cyber Team Leader

This role demands leadership ability and technical expertise in managing
cyber teams and complex security environments.

 

Qualifications:

·       Essential:

o   Certified Information Systems Security Professional (CISSP) or
Certified Ethical Hacker (CEH).

o   Risk management expertise and a qualification in same such as (CRISC).

o   Experience with advanced SIEM solutions and incident response.

o   Knowledge of integrated security management portals.

o   Project Management experience and qualification such as PRINCE2

·       Desirable:

o   Certifications for firewall and remote access systems.

o   ITIL certifications for service management.

o   Experience with patch management and privileged access management
solutions.

 

4. Information Security Manager / Chief Information Officer (CIO)

This role requires strategic vision and oversight of all cybersecurity and
IT governance within the council.

 

Qualifications:

·       Essential:

o   Certified Information Security Manager (CISM) or ISO 27001 Lead
Implementer.

o   CGEIT (Certified in the Governance of Enterprise IT) for governance
expertise.

o   Advanced certifications in security operations.

·       Desirable:

o   CRISC for risk and control management.

o   Experience managing cloud native SIEM platforms.

o   Familiarity with national cybersecurity guidelines for local councils
(NCSC, CAF, NIST etc).

 

5. Senior Information Risk Owner (SIRO)

This is a high-level strategic role requiring governance and risk
management expertise.

 

Qualifications:

·       Essential:

o   CRISC for enterprise risk management and control frameworks.

o   CGEIT for IT governance and alignment with business objectives.

o   ISO 27001 Lead Implementer or equivalent.

·       Desirable:

o   Familiarity with GDPR and public sector compliance frameworks.

o   ITIL Expert or Master certification for service management.

o   Professional development in data protection and classification.

 

Yours faithfully,

Ian Mitchell

-------------------------------------------------------------------

Please use this email address for all replies to this request:
[4][FOI #1211331 email]

Is [5][Enfield Council request email] the wrong address for
Freedom of Information requests to Enfield Council? If so, please contact
us using this form:
[6]https://www.whatdotheyknow.com/change_re...

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[7]https://www.whatdotheyknow.com/help/offi...

For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[8]https://www.whatdotheyknow.com/help/ico-...
[9]https://www.whatdotheyknow.com/help/ico-...

Please note that in some cases publication of requests and responses will
be delayed.

If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.

show quoted sections