IT Security Officer

Background

Our Central Government Client is currently recruiting for an IT Security Officer for a 6 month contract based in Taunton. The IT Security Team is responsible for all IT Security activities in relation to BAU and Projects across all environments. The team is responsible for the risk assessment of new and existing systems and thereafter assurance that suitable mitigations are in place that ensure the Confidentiality Integrity and Availability of systems. It is highly desirable that you have current SC clearance however you must be able to go through this clearance if successful in securing this post.

Main Duties/Responsibilities

Managing relationships with key stakeholder groups including IT Projects, Service Delivery, HR, Finance, Architects and Procurement in order to gain buy in and compliance with the client's Security Policies and Baseline Control Measures. This may take the form of guidance on the threats, risks and mitigations that may be necessary in order to reduce the residual risk levels so that they are within the risk appetite of the system/business owner. Thereafter auditing and reporting on the effectiveness of these controls in order to gain an assurance that the Organisation is compliant with current regulations. Reviewing change across the Business; investigating those that are new, contentious or innovative, possibly that require a snapshot Technical Risk Assessment, and agreeing mitigations when necessary. This will include a recommendation with supporting evidence which will then lead onto Approval, Rejection or Escalation by the Lead ITSO or CIO. Contribute to the development of IT Security Policy and the ongoing maintenance of all supporting documentation, specifying requirements for IT Health Checks or Assessments. Initiating investigations into IT security incidents and contributing to Information Assurance Maturity Model assessments and supporting the Information Assurance team in developing the Business Case for investment on new technology and solutions that improve IT security governance and compliance.

Skills/Experience Required

Essential Ideally 3 years in an IT Security role and able to clearly demonstrate recent experience of working within an Information Security and Information Assurance environment Fundamental understanding of ISO 27001 accreditation with the capability to create and maintain supporting documentation in relation to a Risk Management Accredited Document Set (RMADS) Desirable Ideally 5 years recent experience in an IMT role, with a system, network, external comms or web admin specialism including appropriate qualifications.

Formal Qualifications Required

Essential ISO/IEC 27001:2005 Lead Auditor qualification within the last three years CESG Certified Professional (practitioner or senior level) Experience in planning, managing and implementing an Information Security Management System within a commercial environment Experience in Information Risk Assessment and Management Desirable Membership of the Institute of Information Security Professionals (IISP) MOD ITSO qualification

Capita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.

Capita Resourcing is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us.