Security Assurance Coordinator

Central Government Orgainisation based in Tauton has a requirement for a Security Assurance Coordinator. This is to be an initial 7 month contract

Background
The desktop estate and the supporting IT infrastructure, tools and systems used are complex due to the number of different configurations, applications and software versions. Some components are obsolete or well past their serviceable life and some of the functionality does not support the organisation's needs. SO7 programme aims to deliver a simpler, more manageable estate that underpins the target operating model.

Main Duties/Responsibilities

- Facilitate and chair the SO7 Security Working Group, promoting a security awareness culture, on issues such as HMG EUD & BYOD devices, password policy, protective parking, safe and secure disposal through awareness briefings.
- Manage relationships with key stakeholder groups including Project Teams within SO7 and the Information Security and Assurance teams. This may take the form of guidance on the threats, risks and mitigations that may be necessary in order to reduce the residual risk levels so that they are within the risk appetite of the SO7 system/business owner.
- Auditing and reporting to the CIO, on the effectiveness of these controls in order to gain an assurance that the project is compliant with current HMG and MoD regulations (eg HMG SPF, MoD JSP440, CESG IAP, NTA JSP604 and ISO 27001).
- Supporting, and authoring where required, the generation and through life management of the Risk Management Accreditation Document Sets that support the continuing accreditation of solutions delivered by SO7.
- Providing guidance on the threats, risks and mitigations that may be necessary in order to reduce residual risk levels so that they are within the risk appetite of the system/business owner
- Contributes to the development of IT Security Policy and Procedures and the ongoing maintenance of all supporting documentation aligned with the Security Policy Framework (SPF) Specifying requirements for IT Health Checks or Assessments to ensure identification and scheduled correction of any vulnerabilitiesto protect other IT systems and services.
- Alerting the Lead Accreditor, other Security Assurance Coordinators or CIO of unscheduled or rogue changes in Systems and Services, which may affect accreditation.

Skills/Experience Required

- The individual should have experience in delivering security within Internet facing, transactional digital services.

Formal Qualifications Required

- CESG Certified Professional (CCP) and or CESG Listed Approved Supplier (CLAS) status

Please apply for more detail

Capita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.

Capita Resourcing is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us.