Security Risk Assurance - Reading
DV Cleared - Permanent
JSP440 / Risk Assurance / Cyber Security
Amazing company to work for, get in touch for more information!
Proven knowledge of and experience in all (or some) of the following:
Cyber Security & Information Assurance Risk Management, being fully proficient in performing Business Impact Analysis and Risk Assessments
Production of Risk Management Accreditation Document sets (RMADS)
Performing Security Risk Assessments, in particular knowledge of HMG IS1&2, NIST SP800-37 and CIS RAM
Proven record of developing and maintaining security policies, processes and procedures
Knowledge of the following Security Policies and Guidance:
MOD Security Standards and Policies, JSP440, JSP604, NIST 800-53, 53A, 30 and 37, NCSC Cyber
UK Government Security Policy Framework
ISO27001 (Audit/Gap Analysis)
Ideally achieved the Cyber Security Professional (CCP) certification, CISM, CRISC or CISSP
Understand and assess new and evolving technologies for use in the HMG context
Customer facing with the ability to confidently and authoritatively speak to the customer about security accreditation, risk and assurance.
Experience of IT Health Checks (CHECK), providing scope of works, analysis of ITHC reports and remediation plans. Knowledge and experience of the SOA lifecycle and specifically assurance and security governance.