This job has expired

Lead SIRA

Employer
CBSbutler c/o Staffing 360 Solutions Limited
Location
UK
Salary
Competitive
Closing date
23 Jul 2021

Sector
Technology & New Media
Contract Type
Permanent

Job Details

Lead SIRA

+ 6 month initial contract + expectation of extensions

+ Home based with travel to London and South West

+ £625 to £675 per day + travel expenses

+ Outside of IR35

+ DV Cleared position

Summary

To provide business driven advice on the management of security and information risk consistent with HMG IA policy, standards and guidance. The role of a Lead SIRA is to provide the Accreditor with sufficient information on which to base a decision to issue an Authority to Operate. The Lead SIRA is to provide security oversight and governance across the Programme and to direct SIRA resources, deliverables and outcomes across the Programme portfolio.

Role Profile

+ Identification of assets that require protection;

+ Identification of relevant threats to the assets;

+ Identification of exploitable vulnerabilities;

+ Assessing the level of threat posed by potential threat agents;

+ Producing an information security risk assessment;

+ Determining the business impact of a risk being realised;

+ Developing information risk management strategies to reduce the risk;

+ Including information risk management strategies in business risk processes;

+ Gaining management commitment to the support of the information risk elements of business risk management;

Deliverables

The principal deliverable from the SIRA is a Risk Paper, which describes the risks to a system and how these risks are mitigated. The Risk Paper must be completed to the satisfaction of the Accreditor.

For any system the SIRA is assigned to analyse:

+ Ensure they understand its business function and context

+ Ensure they understand the technical solution and how it meets the business requirement

+ With advice from the Accreditor, determine the principal threat sources and threat actors

+ Determine the principal attacks threat actors are likely to apply

+ Determine the impact and probability of the risks associated with such attacks succeeding in compromising the system

+ Identify technical, procedural and physical controls that will mitigate such risks

+ Determine if the risks are sufficiently mitigated, and if not, what additional controls are required

+ Describe technical risks in business language

+ Provide security advice and guidance to the programme

+ Ensure the system complies with Agency policies and standards

+ Analyse the results of any penetration test and determine the impact on risks associated with the system

The Lead SIRA will also:

+ Liaise with business, technical, project management and operational staff, as appropriate

+ Liaise closely with the Accreditor

+ If requested, write supplementary documents such as SyOPs

+ Attend appropriate meetings

Knowledge

+ In-depth knowledge of the HMG Accreditation and Compliance regime

+ Knowledge of ISO27001 and HMG Information Standards and Good Practice Guides

+ Good understanding of information management

Experience

+ Experience working in an Information Security or Information Assurance team

+ Experience of managing projects and workload planning and reporting

+ Proven experience of supervision or first line management

+ Experienced in effective decision making

+ Experience of analysing information from a range of sources

Location of Work

Mainly remote working, with some workshops/engagements requiring attendance at premises located in Bristol and London.

Where resources are required to attend a customer site, the appropriate risk assessments covering Covid-19 will be carried out.