Information Assurance Consultant (SC Cleared)

Certes Computing Limited
13 Nov 2017
16 Nov 2017
Contract Type
Full Time
We require an Information Assurance Consultant (SC Cleared) for a 12 month contract role based on a Client site in Wiltshire to start asap...

Please be advised this role will be deemed in scope of IR35.

Role Overview:
We require an Information Assurance Subject Matter Expert to join the Client's project team to be responsible for completing and managing assurance activities for their specific project to ensure accreditation is achieved supporting the successful delivery of the project.

The role will involve liaising with commercial suppliers, internal assurance, design teams and other stakeholders as required.

Duties include:
Provide support/develop the Information Assurance, Cyber and Accreditation evidence in support of Design, Development and Deployment
To provide expert advice and input to ensure the system meets all necessary technical and policy security
requirements, is assessed for IA/Cyber risks and provides support for risk management/accreditation decisions.
Activities will include but are not limited to:
Produce/Review/Manage accreditation deliverables and activities in accordance with Client Policy and in line with Project Plans.
Attendance and input within specialist area at meetings/workshops/working groups.
Provide updates to the Security stakeholders in support of these activities.

Essential skills/experience required:

Experience of providing technical security support on Government projects working to HMG Security Policy and requirements (JSP 440, 604 etc).
Evidence of working with security stakeholders and coordination,
analysis and management of system security risks.
Able to demonstrate the application of contextualised risk management in the application of technical/procedural/physical security controls within the risk/cost/benefit trading space
An understanding of Crypto Key production, movement and use and
experience of working within the Cryptography environment and understanding of Cryptography policy and requirements (JSP 490, 491 etc)
Experience of scoping ITHC activity and remediating ITHC Recommendations
Evidence and proven track record of delivering security assurance, accreditation documentation and activities within a complex IT system/service, to successful outcomes.
Experience of identifying, assessing, recording and managing risk at programme/project level and then producing/maintaining risk documentation for use in system accreditation and be capable of managing compliance against security requirements

Nice-to-have skills and experience

CISSP (Or industry equivalent)
CCP SIRA (Or industry equivalent)
Demonstrable experience of working as a technical security SME within a project environment, using Agile methodologies
Experience of leading Security Working Groups as a way of managing project security risks

Certes Computing (and all of its subsidiary companies) is committed to promoting equality and diversity in its business operations.
This job was originally posted as