£550 - £600 per day
14 days ago
Security Assurance Coordinator
£550 - £600 per day
We are looking for an Security Assurance Coordinator to join as a member of the Project Assurance team within the Intelligence Solutions BU of the UK Cyber division.
You will receive direction from the Accreditor, the Information Risk Owner (IRO), the Defence Crypto-security Authority (DCA), the Project Board, and the Project Manager.
This role requires you to take ownership of any unresolved security matters and co-ordinate the resolution with the relevant stakeholders, accreditation bodies and Security Working Group (SWG).
It would be great if you had previous expertise of working in the information assurance and cyber security arena in both government and industry.
Key Responsibility Areas
Have a good knowledge of the relevant HMG, CESG and MOD (mainly JSP) policy and guidance.
Ensure appropriate action is taken to enable accreditation.
Provide advice on security policy and technical solutions.
Ensure that National and MoD Cryptosecurity and security policy is being correctly applied.
Monitor security considerations that are being incorporated and report on them to the SWG.
Establish the Terms of Reference for the SWG.
Organise the Project SWG meetings around a status list of requirements for each accreditation or re-accreditation covering COMSEC, COMPUSEC, TEMPEST, Key management and P3 (Physical, Procedural & Personnel) measures for each project or phase.
Highlight and report unresolved security difficulties to the SWG.
Inform the Project Board, through the Project Manager, of the SWG decisions.
Ensure that the configuration management procedures meet the criteria for the required level of assurance and that Cryptonet Controlling functions are in place where necessary.
Liaise with the National Security Authorities advisors, the Defence Cryptosecurity Authority and TLB Principal Security Advisors (PSyA) and advise the SWG as appropriate.
Ensure that the security deliverables are available as and when required by the project plan.
Responsible for the production of all security deliverables (e.g. security documentation) and ensure that they are fit for purpose (to the satisfaction of the Accreditor).
Staff and coordinate the input to Sy Ops and any P3 measures required.
Arrange with Accreditor for the issue of Interim and/or full accreditation certificates as required by stages of the project.
Co-ordinates the Project Cryptographic Plan.
Ensure that all Project security related risks, as identified by the Accreditor and/or SWG, are promptly listed on the Projects Risk Register and reviewed at each SWG meeting.
Ensure that a Project Information Risk Owner has been identified.
Skills, Qualifications & Knowledge Required
CESG Certified Professional (CCP) or equivalent CESG Listed Advisor (CLAS)
Fundamental understanding of HMG Security Policy Framework, MoD JSP440 and ISO 27001 accreditation with the capability to create and maintain supporting documentation in relation to a Risk Management Accredited Document Set (RMADS)#
Production and review of IS1&IS2 Risk Management and Accreditation Document Sets (RMADS) within a UK MoD (JSP 440) environment
DSAS in an IA and IT Security role and able to clearly demonstrate recent experience of working within an Information Security and Information Assurance environment
Defence/MoD experience (Highly desirable)