Welcome guest. To get the most out of our site, please sign up as a candidate or apply for a recruiter account. Registration is fast and simple and gives you access to the facilities available to make recruitment easier.
Security Consultant
This job has now expired please use the tags below to search for current vacancies or use the search on the home page to find live IT Jobs now.
| Location: | Newport newport | telford wrekin |
|---|---|
| Tags: | risk | compliance | consultant | security consultant | government | cesg | engineering | audit manager | risk management | information manager | risk newport | risk telford wrekin |
| Type: | Contract |
An initial 6 month contract is available for an exceptional individual, with deep hands-on experience in compliance with the Government Security Policy Framework and ISO 27001, coupled with communication, organisational and leadership skills. The individual should also have a good understanding of the security guidance from the Cabinet Office, CESG and CPNI, and a strategic understanding of how these standards fit together to form an ISO 27001-compattible system for managing IS risk. A CLAS background would be advantageous.
Reporting to the Departmental Security Officer and ultimately the Senior Information Risk Owner, you will be responsible for delivering the following:
Deliverables:
A good understanding of the compliance , our performance against IAMM and our position against ISO 27001.
Develop and submit for approval a security programme which includes the key events required to meet level 1 of the IAMM and the annual/ repeated events which must support our compliance with this standard.
Prioritise any missing policies, procedures and plans; create policies as needed and work with the security team (IT Security Officer, Assistant ITSO, Information Manager, Audit Manager) in order to address these gaps.
Ensure that all policies have adequate scrutiny through the involvement of InfoSec and are published in a central location.
Establish a process and routine for regular risk management meetings as outlined in your programme plan. Ensure that the key responsibilities for the SIRO under IAMM are met.
You would be expected to coach and transfer skills to the security team as required, and participate in risk assessments and/ or audits where time allows or by request.
The overall deliverable would be a complete system for managing IS risk, compatible with SPF and ISO 27001, measured annually using IAMM and ISO audits. Key events should be defined through the year (penetration tests, risk assessments etc.) in order to maintain these standards and you will at the end of the contract leave behind a programme that can be updated to move to the next level of compliance against the IAMM.
Key Skills
* Proven ability to inject pace, lead and manage a team of people.
* Strategic insight into Government Policy, SPF, IAMM and ISO 27001.
* Ability to establish and communicate a programme of work, and the ability to establish a practical system of working.
* Hands-on experience to lead and contribute to the work required over a short timescale.
Experience
* Previously lead an organisation through ISO 27001.
* Ideally have experienced a CESG assisted IAMM in the last 12 months.
* Well versed in Government policy and extensive experience of maintaining compliance with these policies for other organisations.
* Good experience of using IS1 & 2 risk assessments.
* Extremely IT literate with an ability to understand application and infrastructure technologies.
Terms and Conditions
* Base of operation would be Newport, South Wales.
* The office operates a flexible working policy between 0700 and 1900.
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to 10 weeks. LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non clearance vacancies. Award Winning LA International Computer Consultants Ltd ( Recruiter Awards For Excellence - Best IT , Best Public Sector & Gold Awards)
Reporting to the Departmental Security Officer and ultimately the Senior Information Risk Owner, you will be responsible for delivering the following:
Deliverables:
A good understanding of the compliance , our performance against IAMM and our position against ISO 27001.
Develop and submit for approval a security programme which includes the key events required to meet level 1 of the IAMM and the annual/ repeated events which must support our compliance with this standard.
Prioritise any missing policies, procedures and plans; create policies as needed and work with the security team (IT Security Officer, Assistant ITSO, Information Manager, Audit Manager) in order to address these gaps.
Ensure that all policies have adequate scrutiny through the involvement of InfoSec and are published in a central location.
Establish a process and routine for regular risk management meetings as outlined in your programme plan. Ensure that the key responsibilities for the SIRO under IAMM are met.
You would be expected to coach and transfer skills to the security team as required, and participate in risk assessments and/ or audits where time allows or by request.
The overall deliverable would be a complete system for managing IS risk, compatible with SPF and ISO 27001, measured annually using IAMM and ISO audits. Key events should be defined through the year (penetration tests, risk assessments etc.) in order to maintain these standards and you will at the end of the contract leave behind a programme that can be updated to move to the next level of compliance against the IAMM.
Key Skills
* Proven ability to inject pace, lead and manage a team of people.
* Strategic insight into Government Policy, SPF, IAMM and ISO 27001.
* Ability to establish and communicate a programme of work, and the ability to establish a practical system of working.
* Hands-on experience to lead and contribute to the work required over a short timescale.
Experience
* Previously lead an organisation through ISO 27001.
* Ideally have experienced a CESG assisted IAMM in the last 12 months.
* Well versed in Government policy and extensive experience of maintaining compliance with these policies for other organisations.
* Good experience of using IS1 & 2 risk assessments.
* Extremely IT literate with an ability to understand application and infrastructure technologies.
Terms and Conditions
* Base of operation would be Newport, South Wales.
* The office operates a flexible working policy between 0700 and 1900.
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to 10 weeks. LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non clearance vacancies. Award Winning LA International Computer Consultants Ltd ( Recruiter Awards For Excellence - Best IT , Best Public Sector & Gold Awards)
http://www.technojobs.co.uk/job.phtml/365934
