Information Security Compliance Analyst

Gregory Martin International
Christchurch, UK
11 Aug 2019
09 Sep 2019
Contract Type
Full Time

Our client has an exciting opportunity for an Information Security Compliance Analyst / Subject Expert to join their team. The role reports to the Director of Compliance. While the role is based at Christchurch, Dorset, applications from candidates located elsewhere in the UK would also be welcome, provided they are prepared to work at Christchurch when necessary, typically 2 or 3 days a week. Candidates will also require a willingness to travel elsewhere within the UK and the EU, primarily France and Denmark. Overall overseas travel requirement c. 5 - 10%. SC clearance, or BPSS clearance with the ability to obtain SC clearance, is essential. The salary is very competitive with excellent benefits.

As the Information Security Compliance Analyst / Subject Expert, your skills and qualifications will ideally include:

Experience in the defence and aerospace industry covering:
  • Secure commercial, MoD, US, or NATO systems
  • Security evaluation and accreditation support, including interaction with MoD Accreditors.

The successful candidate will have an IT services background including knowledge of some or all of the following:

  • Commercial IT systems security
  • NIST-800-171, FedRAMP and DFARS 252.204-7012
  • MoD Industry Security Notices and Def-Stan 05/138
  • Cyber Essentials
  • Cybersecurity questionnaires
  • Formal accreditation
  • ISO9001 and 27001 family
  • Export control and ITAR
  • Systems engineering, covering:
      • Infrastructure, networking, servers, end-point devices, storage, Email, SharePoints, software operating systems, applications and web-browsing
      • A range of security enforcing functions
      • Cloud storage
  • Physical security
  • Bid preparation, project lifecycle management, IT service delivery and supply chains
  • Risk management, audit and/or quality assurance.
  • Excellent Microsoft Office skills including use of Microsoft Project.

Personal Attributes
  • Self-starter, able to operate with minimal supervision
  • Team player with solid stakeholder management capabilities
  • Excellent communication skills in the English language, both written and spoken
  • Excellent document preparation abilities
  • Discretion
  • Keen attention to detail but awareness of the bigger picture
  • An inquisitive mind with the tenacity to challenge the status quo, develop practical solutions, see things through to the end and deliver in a timely fashion
  • Applications from candidates with Business French would be particularly welcome as the role is likely to include working with French organisations.

As the Information Security Compliance Analyst/Subject Expert, your main responsibilities will involve:
  • Establish security compliance requirements in respect of commercial terms and conditions, applicable legislation, standards and guidelines
  • Liaise with IT and business stakeholders to confirm current security arrangements and maintain a Systems Security Plan
  • Undertake gap analyses, comparing current security arrangements to the established requirements. Identify security vulnerabilities and liaise with technical specialists and business leads to identify potential solutions. Engage with the project management community to devise plans for implementing those solutions, and oversee their introduction into service
  • Develop Risk Managed Accreditation Document Sets and Security Operating Procedures, and support systems accreditation
  • Evaluate subsequent ongoing service operations to ensure the controls remain fit for purpose
  • Support development of System Security Plans, Risk Managed Accreditation Document Sets, Cyber Improvement Plans and Security Operating Procedures
  • Render security compliance advice to internal stakeholders, and liaise with systems architects and business managers preparing Security Management Plans for bids and projects
  • Respond to external customer security surveys and participate in audits
  • Report progress and compliance against relevant legislation, standards, guidelines and commercial terms and conditions to senior management
  • Other duties as required by the Director of Compliance.

Keywords: Information Security, Compliance, MOD, NATO, Systems Security, NIST-800-171, FedRAMP, DFARS

Location: Christchurch, Dorset

Salary: very competitive with excellent benefits
