Our client, a division of the MOD, is requiring an Information Assurance/Cyber Security Specialist to join them on a permanent basis based in Bristol.

The Cyber Security Specialist will be required to lead, coordinate and assure all activities towards achieving Information Assurance (IA) /cyber security accreditation.

Please note, due to the nature of the projects involved, this role is open to SOLE UK NATIONALS only, and whilst initially requiring SC level clearance, the successful candidate may be required to obtain Developed Vetting in the future.

Responsibilities

The SAC (Security Assurance Coordinator) monitors and reports to the Accreditor, Information Asset Owner (IAO) and Delivery Team on all security matters relating to a project.

The primary tasks of the SAC are to:

-Lead & establish the programme of work to work to ensure information assets are adequately protected at the platform assurance level.

-Ensure all appropriate actions are taken to achieve cyber security accreditation;

- Provide advice on security policy covering both policy that is already in place e.g., HMG SPF, Departmental Policy (JSP440), IEC/ISO 27001 controls and the creation of new security-related documents for the project, such as a Risk Management Accreditation Document Set (RMADS), relevant legislation (e.g. Data Protection Act, Freedom of Information Act), technical solutions, risk management and Information Assurance;

-Lead the activities required to maintain security accreditation throughout the equipment's project lifecycle. This will involve the liaison and provision of an interface between the relevant accreditor(s), the primary and sub supply chain, the project team and the end user community, ensuring that all aspects of security are delivered throughout the equipment's project lifecycle.

-Lead on the work required to prioritise and maintain Security Cases and keep the User informed on any changes that may impact on Operational aspects.

-Prioritising and implementing security measures within the maintenance periods set

-Ensure that security stakeholders roles required for the project have been identified, are aware of their responsibilities, and understand the levels of risk appetite and ensure the IA activities control risk within these appetites.

-Lead & establish the governance required to link Safety-Security procedures and audits to ensure Cyber risks are addressed within safety management processes

- Coordinate, consider, witness, manage and report on all security requirements for a project, ensuring they are completed professionally, efficiently, to schedule, and that they are fit for purpose and compliant with relevant policy and legislation;

-Conduct Data Protection Impact Assessments;

-Ensure all project cryptographic requirements are met;

- Monitor and report on project security requirements and issues as they arise;-

- Organise the project security meetings such as the Security Working Group and chair them on behalf of the Project Manager, if required;

- Be responsible for the production of all security deliverables (e.g., security documentation, testing witness reports) and ensuring they are fit for purpose and delivered on schedule; and,

- Create, update and manage the Security Risk Register and ensure it is reviewed at the security meetings

To be found successful you must demonstrate the following essential criteria:

• The ability to evidence a substantial range of cyber and information security knowledge.
• Experience, knowledge and/or qualifications in one or more of the following: Information risk management, information security (e.g. CISSP), cyber security of networks, engineering interfacing, product security lifecycles, penetration testing.
• Experience in RMADS (risk management and accreditation and document set) or security cases

It would benefit your application should be able to demonstrate the following desirable criteria:

• Experience in implementation of cost-effective and pragmatic security enforcing functions within systems or equipment and at system-of-systems design levels.
• Experience in leading and managing cyber security on complex engineering programmes.
• Experience and knowledge of cyber security in the defence environment, including knowledge of JSP440 and current defence policies and practices.
• Experience of working on submarine projects, and an understanding of submarine systems.
• Experience of leading / managing across a broad range of stakeholders and regulators

Salaries available between £41,000-£48,000 per annum with a competitive and extensive benefits package.

Networkers acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers and is part of Gattaca Plc.

Gattaca Plc provides support services to Networkers and may assist with processing your application.