IA Consultant
Recruiter
Listed on
Location
Salary/Rate
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
Primary Purpose of the Role:
Supporting the cyber security management team to develop the Cyber Security Portfolio business.
Undertake Cyber Security Consultancy tasks for customers in the Critical National Infrastructure, Transportation, MoD, Government and Enterprise markets.
Provide expert advice and support to complete contracted work.
Principal Relationships:
As a Team Leader you will liaise with the Cyber Security Portfolio (CSP) Lead Engineering Manager (LEM) for day-to-day / week-to-week project tasking / Technical direction / Skills Development
CIC Portfolio Manager and Client Customer Partner for Strategic Direction & Business opportunity leads
Cyber Engagement Partners and Business Developers to pursue business opportunities
Primary Tasks
Development of accreditation strategy in accordance with National Security Standards, SPF and other bespoke policy such as Nuclear policy and JSP440
Security threat analysis, risk assessment and derived high-level security requirement, including technical and non-technical (Personnel, physical and procedural controls)
System architectural analysis and detailed security design
Creation of Systems Engineering documentation as per company SYS-EM methodology (Chorus 2)
Creation of security documentation in accordance with appropriate standards (e.g. JSP440, HMG National Security Standards and guidelines (HMG IAS1-2, etc), SPF, ISO 27001)
Skills:
Essential
Application of SPF, UK National Security Policies and Guidelines, Nuclear IA policy, Defence Manual of Security (JSP 440), Defence Cryptographic Standards JSP490, ISO 27001 and NATO IA Policy throughout the project and engineering lifecycle.
Application and pragmatic interpretation of HMG Information Assurance Standards 1-2, 4 and 5 and referenced guidance (CESG GPG and Implementation Guidance).
Develop strategies to support the successful accreditation of systems/services, including identifying the scope of accreditation, dependencies and assurance methods required.
Production and manage delivery of accreditation deliverables, including Technical Risk Assessment, RMADS, SyOps, Codes of Connection and policy documentation.
Audit of client infrastructure to establish compliance with standards, such as ISO27001, SPF, JSP440 & JSP490.
Have knowledge and understanding of the characteristics, vulnerabilities/risks and mitigations required related to at least one of the following technologies/systems:
Supervisory Control And Data Acquisition (SCADA) systems
IT Networks, Wireless LAN, switches, routers
Ability to analysis system design, solution and network diagrams to identify vulnerabilities and make recommendations to remediate the risk.
If this is you Alex Alexander 0207 907 3827