Physical Security and Business Continuity Manager


Premium Job From Experis IT

Recruiter

Experis IT

Listed on

31st October 2017

Location

Newport

Salary/Rate

£35000 - £40000

Type

Permanent

Start Date

ASAP

This job has now expired. Please search on the home page to find live IT jobs.

Physical Security & Business Continuity Manager

Role Type: Fixed Term Appointment (FTA) - 3 years.

Working Pattern: Full time (37 hours/week), Flexible working.

Travel: Regular travel will be required between ONS sites.

Job Description:

The ONS is the UK's largest independent producer of official statistics and its recognised national statistical institute. ONS are responsible for collecting and publishing statistics related to the economy, population and society at national, regional and local levels. ONS also conduct the census in England and Wales every 10 years.

An exciting opportunity has arisen for an ONS Physical Security Manager to manage physical security and business continuity (BC) across all ONS sites. These offices are based at Newport, Titchfield, London and Christchurch (archive storage facility). The ONS property estate provides working facilities for over 6,000 staff, and includes several hundred mobile field workers periodically.

Information Assurance (IA) teams are based in Titchfield and Newport and provide various services for ONS including, but not limited to, security assurance, risk advice, vetting, operational and physical security, disaster recovery, business continuity planning and specialist training and awareness.

This role will afford the successful candidate an opportunity to manage physical security and business continuity arrangements for ONS, but also to liaise with Other Government Departments (OGDs) and security authorities.

The role will be based in Newport in the Information Assurance (IA) Branch. The IA teams are based in Titchfield and Newport, and some regular travel between ONS sites will be required to address physical security matters with ONS staff and key stakeholders.

This role is advertised as an FTA appointment for 3 years. However, it is a critical, high-profile role, and it is anticipated that, for a suitable candidate, the position will be made permanent within this period, without the need for further recruitment.

Main Responsibilities

Physical Security

* Undertake physical security risk assessments at each site and develop action plans.

* Manage a programme of tests and audits to measure the effectiveness of physical security procedures and take remedial action where necessary.

* Assist in developing and delivering the departmental security awareness programme.

* Provide advice to ONS business areas on physical security related matters. Manage class 4 safe and secure room access.

* Develop the security policy for foreign travel and provide advice for staff travelling to developing countries.

* Experienced in principles, practices, tools and techniques of physical security auditing.

* Policy and procedure: Merging confident operational knowledge with good written skills - a capable writer, able to succinctly convey requirements to security operations teams and general ONS employees.

* Ability to articulate physical security advice directly to key stakeholders, including CSO, ITSO, CDO, CTO and Executive Director and Director General level.

* Liaison with security authorities (CPNI) on ONS physical security matters and informing ONS of key requirements.

* Be the subject matter expert for counter terrorism issues.

Business Continuity

* Demonstrate ONS's alignment with ISO22301 by passing periodic external audits.

* Assist business areas with BC duties or queries.

* Monitor coverage and maintenance of Business Continuity Plans (BCPs) across ONS and report to senior management at six month intervals.

* Ensure the organisation maintains an effective incident response capability.

* Experience in methods and techniques for risk management, business impact analysis, and contingency arrangements relating to the serious disruption of IT services. Examples: resilience, security, fallback location/services.

Skills & Experience:

Skill Area

SEO

(Any 5 skill areas form the core)

Managing Physical Security Assets

Proficient in the management of physical security assets for a large multi-site organisation.

Understanding the appropriate security interventions to use (physical, personnel and cyber) to develop a physical security strategy.

Ensuring the ONS Board understand the physical security risks, and are engaged by leading from the top to help foster a culture where security is seen as a business enabler.

Physical Security Advice

Is able to advise ONS staff on physical security requirements, and produce communications to increase security awareness and culture.

Is able to collaborate with and guide ONS business teams and partners regarding physical security controls and behaviours.

Is aware of counter terrorism issues (eg CPNI advice), and is able to manage physical security incidents.

Data

Understanding of Cloud Security Principle 2: Asset protection and resilience.

Ensuring ONS user data, and the assets storing or processing it, are protected against physical tampering, loss, damage or seizure.

Understanding the physical security threat to ONS data to ensure protective security measures and mitigations are proportionate, effective and responsive.

Business Continuity

Experience of business continuity audits (physical assets), internal and external.

Monitor maintenance and coverage of ONS BCPs.

Arrange testing of BCPs and ensure ONS maintains an effective incident response capability. Liaise with ONS BCP contacts to ensure effectiveness of all related BCP activities.

Facilities Management

Liaise with ONS site managers in relation to physical security activities. In particular, to be aware of any new systems, tools or products that are being introduced and their implications.

Understanding of how to physically protect the outer perimeter, inner perimeter, and interior of all ONS sites.

Understanding of how to implement layered security to introduce and improve physical security measures (eg access control, monitoring).

Standards

Understanding of ISO22301 Business Continuity Management. In particular, the ability to understand and prioritise threats to ONS business. Ensure, through effective physical security controls, that ONS tries to recover effectively from disruptive incidents.

Be familiar with best practices for physically securing office facilities.

Security & Risk

Able to identify and minimise risks in physical security through the application of standards and policies.

Proficient in introducing physical security controls incorporating data protection, such as the protection of physical assets and data.

An understanding of physical security technology, infrastructure, network build, buildings and attack prevention tools.

Vendor Engagement

Liaison with ONS stakeholders in relation to potential new vendors providing physical security services to ONS.

Able to assess legal, licensing and cost consequences of new services (eg new access control system, new CCTV) from a physical security perspective.

Experience of vendor physical security support models, for example training, maintenance and security, and able to assess the impact of these on the ONS.

Assurance

Experience of assuring suitably fit-for-purpose physical security measures. Able to challenge peers and third party approaches based on previous experience and knowledge.

Has experience of physical security auditing and practices.

Civil Service Competencies:

(apply to both SEO and Grade 7 role at applicable level)

* Leading and Communicating.

* Changing and Improving.

* Making Effective Decisions.

* Managing a Quality Service.

Qualifications

Desirable

* A Security Check is required for this role or working towards obtaining this clearance within 3 months.

* Recognised security qualification preferred, CCP ITSO, etc.

* Graduate-level education, preferably technical/science-based, or equivalent experience.

* Professional membership of the Business Continuity Institute is preferred, or to obtain within 3 months.
