Information Assurance Specialist

Information Assurance Specialist - Crawley - 6 Month Contract - SC Cleared

About Your role

Reporting to the Head of Information Assurance you will be responsible for the security evaluation, implementation and documentation of cost effective technical security requirements and controls for the client.

To identify and reduce business risk by undertaking probing, analytical technical security assessments and defining/coordinating security assurance activities. This will be achieved by reviewing, maintaining and updating all technical security documentation and risk registers, alongside policy and procedures associated with the clients networks, systems and applications, in accordance with Mandatory Requirements of UK HMG Security Policy Framework (SPF), applicable Information Assurance Standards and the clients Policy.

Your Key Responsibilities

Support the client in ensuring all technical security measures are enhanced and developed where necessary, to ensure successful and timely system accreditations and re-accreditations.
Provide central point of contact for all technical security matters and concerns, supporting project teams and businesses throughout project life cycles.
Responsibility for developing, implementing and conducting formal and regular technical risk assessments of the clients IT environments, recommending remedial action where required.
Work collaboratively with technical project delivery squads to ensure proposed solutions provide the required level of security assurance in line with data processing requirements and the client and customer risk appetites.
Ensure that technical requirements for the clients assurance activities are delivered in the functional area in line with risk appetite.

About You:

As an experienced Information Assurance specialist, your skills and experience will include;

In depth experience in technical security support with a variety of systems and applications.
Evidential experience as subject matter expert in the evaluation and implementation of technical security products for Public or Private sector organisations.
Able to provide analytical advice on the security implications of new and existing systems and for all proposed changes to said systems.
Able to interpret detailed system design documentation and identify potential security risks and mitigations to implement secure and appropriate security solutions.
Ensure that the activities embody a compliancy approach such that Security Architecture and Services manage risk, maximising business value with appropriate security.
Quantifiable experience in fundamentals of all aspects of Security technical design.
Experience in performing formal risk assessments and production of Risk Management and Accreditation Documentation (RMADS) in line with UK Government policy.
In depth experience in security technical support with a variety of systems and applications.
Formal stakeholder for the successful assessment and delivery of security related change control processes.
Experience in application of Security Frameworks. eg ISO27000 series, NIST-800 and associated assurance activities.
Recognised Security certifications eg CISSP, CISM, CCSK or equivalent
Demonstrable understanding of digital, virtualisation and containerisation technologies.
Demonstrable understanding of application of security principles within an agile delivery framework.
Proven experience in assessing and managing technical risk,
Ability to provide technical security advice to business areas when required and to provide technical security input to the security risk registers.