Information Security Specialist

  • Location: Sunbury-On-Thames, Surrey

  • Salary: £400 - £450 per day

  • Contact: Tom McParland

  • Published: over 2 years ago

  • Duration: 12 Months

Work Location: Sunbury/Houston

Start Date: October 2019

Assignment Duration: 1 year, with the possibility to extend

Role description: Responsible for supporting information security and risk activities for the Rig Delivery Team, using technical capabilities to execute security/risk processes, support the development of appropriate solutions, produce reports and advise the business on security and risk requirements.

Key Accountabilities:

* Provides sound technical expertise in support of information security and risk activities specific to Information Security Engineering to achieve objectives, e.g. supporting the development and implementation of the information security governance and compliance process; reporting on the effectiveness of security procedures and safeguards and recommending the best approach; and delivering security solutions to projects across the design, build and execution phases.

* Supports the implementation and application of relevant operating processes and procedures, and ensures all activities adhere to the relevant standards.

* Liaises with various teams across Digital Security to advise on information security and risk, and manages third-party service providers that are helping to deliver related projects as required.

* Seeks opportunities for continuous improvement within the specialism in response to internal and external developments, working with team members to identify continuous improvement plans.

Job Responsibilities:

Network architecture

* Maintain inventory of system security classifications of equipment on PIN

* Maintain accurate PIN network and interface network drawings

* Maintain architectural compliance with GDP requirements

Firewall Management

* Documentation of FW rules for data flows to/from PIN network

* Apply appropriate management of change protocols when FW rules are modified

* Support an annual PIN FW high rule review

Security Monitoring

* Support potential impact assessments for monitoring solutions

* Support deployment of GWO PCN CoE cybersecurity monitoring solutions

System and USB Hardening

* Support system hardening recommendations

* Ensure Rig has processes and procedures in place that address USB and portable media management

Remote user access

* Ensure remote access design is security compliant

Anti-Malware protection and System Security Updates

* Support anti-malware and patching recommendations

* Document mitigating measures when regulations, obsolescence or vendor restrictions restrict anti-malware patching

Backup and Restore

* Verify availability of backup and restore procedures and processes

* Ensure backups exist for all safety and control security level systems

Desktop Exercise

* Support Regional cyber security desktop exercise

Annual Self-Assessment

* Conduct an annual self-assessment for PIN to GDP 3.5 and GP 30-60 Baseline Controls

Desirable Criteria & Qualifications:

* An external accreditation (e.g. GICSP, CCNP, MCSE or any enterprise firewall vendor support or security certification)