IT Security Officer/Compliance Manager
Competitive Salary + Benefits
IT Security Officer/Compliance Manager
About the Role?
Based at RAF Brize Norton in West Oxfordshire, the IT Security Officer (ITSO)/Compliance Manager will oversee and provide security advice on the implementation of all Communications and IT Systems for Babcock's AirTanker (FSTA) and UK Military Flying Training System (UKMFTS) programmes dealing with policy and documentation of HM Government, Ministry of Defence (MoD) and commercial systems, and investigation and reporting of IT security incidents
You will form part of the FSTA Compliance team that provides a focal point for all Health Safety, Environmental and Quality.
Whilst the role and primary area of responsibility will be at the AirTanker Hub at RAF Brize Norton, the ITSO/Compliance Manager will be required to provide support to other sites associated and supported by these programmes; it is anticipated that 60% of the role will be centred at RAF Brize Norton with the remaining 40% at UKMFTS HQ in Bristol. Periodic work at UKMFTS sites at RAF Valley, RAF Cranwell, RAF Cosford, RAF Shawbury and RNAS Culdrose should be expected.
Responsible for providing security advice in conjunction with respective site security controllers and the central Information Assurance team to installation staff, system users and IT Project teams.
Production and maintenance of security policy documentation for IT systems including: Security operating procedures, risk management accreditation document sets and code of connections; auditing and measuring system compliance with these documents. Ensure Site Coordinating Installation Design Authority (SCIDA) policies are adhered to and maintained to ensure certification is maintained. This includes updates to code of connection activities for legacy, third party and/or Picasso infrastructure.
Monitor the implementation of hardware and software changes and enhancements to ensure that maintenance is carried out without endangering security for Legacy and Picasso systems.
Assess IT compliance with policies and procedures, driving remediation where non-compliance exists, and imposing sanctions and restorative actions to regain compliance.
What do I need to do the role?
The successful candidate will be an experienced IT Security professional, with working knowledge of HM Government standards including JSP440, JSP604 and Security Policy framework (SPF), HM Government Information Assurance standards and their implementation
Experience of producing security documentation including security operating procedures, accreditation document sets, RMADS and relevant interface code of connections.
Desirable (to be developed in the role)
- Knowledge of Cyber Essentials Plus and National Institute of Standards and Technology (NIST-Cyber Security Framework, ISO27001/ ISO27005, National Cyber Security Centre (NCSC good practice guides and NCSC approved products) and Business Continuity practices ISO22301.
- IOSH Managing Safely or higher health safety and environmental qualifications
- ISO9001:2015 Auditor with experience of contributing to internal audit programmes
What else do I need to know?
The role is based at RAF Brize Norton, West Oxfordshire
It will require you to obtain SC Clearance on acceptance of the role
About Babcock International
Babcock International Group is committed to building an inclusive culture and strives to attract talent who thrive in an inclusive and flexible working environment.
If you have a disability or need any reasonable adjustments during the application and selection stages, please let us know and will respond in a way that best fit your specific needs.
We are proud to support the Armed Forces community by honouring the Armed Forces Covenant. We recognise the value that Serving Personnel, both Regular and Reserves, Veterans, Uniformed Cadet Instructors and Service Families contribute to our business and the United Kingdom. As part of the Covenant, Babcock offers Reservists and Uniformed Cadet Instructors up to two week's special paid leave to help them meet their commitments. To find out more please click here.
We are happy to talk about flexible working. Please ask about alternative patterns of work at interview.