Key Accountabilities:
- Provide analysis of risks to information systems in order to inform risk owners and project managers to allow effective decision making.
- Provide expert subject matter advice to management chain.
- Ensure IT projects are provided with timely technical security advice.
- Develop and apply the overall security architecture of the organisation and the place within in it of key security controls.
- Maintains and promotes high personal standards in environment, safety, health, security, and quality and be a great team player.
Key Responsibilities:
- Provide lead for maintaining awareness of industry best practice in Information Assurance and Information Risk Management.
- Determine how the overall security architecture applies to projects under consideration and advise project solution architects on security requirements.
- Review high- and low-level solution designs for compliance with overall security architecture, achievement of security requirements and overall efficacy of the security features and tools.
- Facilitate the formal accreditation of corporate systems
- Assist with IT Health Check and Vulnerability Assessments by approving scope of tests and overall testing programme.
- Provide technical risk assessment analysis.
- Develop the professionalism of Information Risk Management
- Attend project Security Working Groups and manage when appropriate.
Experience and skills:
- Has worked in a Defence industry
- Security Clearance: Active DV
- Security Analyst skills
- Firewalls
- DevOps
- Cloud
- Intrusion detection systems (IDS)
- Intrusion prevention systems (IPS)
- Has worked in highly classified environments
- Endpoint detection
- Technical background
- Stakeholder Management
- Hands on with security tooling