about 1 year ago
6 month Contract
Active DV clearance required
Are you a motivated individual who is enthusiastic about Cyber Security? Can you provide information security and risk management guidance to customers to meet their security assurance needs? Do you want to be proud to work for a company that respects its people and is at the forefront of technology? We are looking to grow our team with committed people who are proficient in Security Risk Management and Assurance.
About the Role
Our business is rapidly evolving, and we are seeking proficient, experienced individuals from a Security Risk Management and Assurance background to join our rapidly growing Cyber Security Team. We have several exciting roles working with private, Government, and Defence customers in developing their IT services.
We are looking for a motivated, enthusiastic individual who is proficient in cyber security and information security.
You will have experience of working within the Ministry of Defence or within a Government environment and have current working knowledge of current industry standards and industry best practice. An understanding of the Government Classification Scheme is essential for this role.
Individuals with security clearance preferred or must be prepared to undertake security clearance.
You will need to be versatile and equally comfortable working within a bid team providing a response in support of a new business opportunity or working within a team supporting an established project.
Proven knowledge and experienced in (or some) of the following:
- Cyber Security & Information Assurance Risk Management, being fully proficient in performing Business Impact Analysis and Risk Assessments
- Production of Risk Management Accreditation Document sets (RMADS)
- Performing Security Risk Assessments, in particular knowledge of HMG IS1&2, NIST SP800-37 and CIS RA
- Security Architectures
- Proven record of developing and maintaining security policies, processes and procedures
- Knowledge of the following Security Policies and Guidance:MOD Security Standards and Policies, JSP440, JSP604
- NCSC Cyber Essentials
- UK Government Security Policy Framework
- ISO27001 (Audit/Gap Analysis)
- Ideally achieved the Cyber Security Professional (CCP) certification, CISM, CRISC or CISSP
- Understand and assess new and evolving technologies for use in the HMG context
- Customer facing with the ability to confidently and authoritatively speak to the customer about security accreditation, risk and assurance.
- Experience of IT Health Checks (CHECK), providing scope of works, analysis of ITHC reports and remediation plans.
- Knowledge and experience of the SOA lifecycle and specifically assurance and security governance.