This job has expired

Information Assurance Consultant

identifi Global Resources
Closing date
15 Sep 2021

View more

Technology & New Media
Contract Type
You need to sign in or create an account to save a job.
Information Assurance Consultant

Location: London


Salary: £69,500 - £79,500

Due to the nature of this role, we require someone who is a sole UK National with a current DV clearance.

The Opportunity:

We are looking for an Information Assurance Consultant to join as a member of the Project Assurance team within the Intelligence Solutions Business Unit, this role will be based in central London with travel.

You will be responsible for taking the lead in providing rigorous assessment and validation of the information assurance competences of a solutions design and deployment. It is essential that you have a sound technical understanding of electronic security measures and how any cryptographic security measures may be implemented into the solution. You must also have a good practical experience of cyber security, security operations, configuration management and must be aware of the principles of risk management.

You will receive direction from the Accreditor, the Information Risk Owner (IRO), the Defence Crypto-security Authority (DCA), the Project Board, and the Project Manager.

This role requires you to take ownership of any unresolved security matters and co-ordinate the resolution with the relevant stakeholders, accreditation bodies and Security Working Group (SWG).

It would be great if you had previous expertise of working in the information assurance and cyber security arena in both government and industry.

What you will do:

  • Have a good knowledge of the relevant HMG, CESG and MOD (mainly JSP) policy and guidance.
  • Ensure appropriate action is taken to enable accreditation.
  • Provide advice on security policy and technical solutions.
  • Ensure that National and MoD Cryptosecurity and security policy is being correctly applied.
  • Monitor security considerations that are being incorporated and report on them to the SWG.
  • Establish the Terms of Reference for the SWG.
  • Organise the Project SWG meetings around a status list of requirements for each accreditation or re-accreditation covering COMSEC, COMPUSEC, TEMPEST, Key management and P3 (Physical, Procedural & Personnel) measures for each project or phase.
  • Highlight and report unresolved security difficulties to the SWG.
  • Inform the Project Board, through the Project Manager, of the SWG decisions.
  • Ensure that the configuration management procedures meet the criteria for the required level of assurance and that Cryptonet Controlling functions are in place where necessary.
  • Liaise with the National Security Authorities advisors, the Defence Cryptosecurity Authority and TLB Principal Security Advisors (PSyA) and advise the SWG as appropriate.
  • Ensure that the security deliverables are available as and when required by the project plan.
  • Responsible for the production of all security deliverables (e.g. security documentation) and ensure that they are fit for purpose (to the satisfaction of the Accreditor).
  • Staff and coordinate the input to Sy Ops and any P3 measures required.
  • Arrange with Accreditor for the issue of Interim and/or full accreditation certificates as required by stages of the project.Co-ordinates the Project Cryptographic Plan.
  • Ensure that all Project security related risks, as identified by the Accreditor and/or SWG, are promptly listed on the Projects Risk Register and reviewed at each SWG meeting.
  • Ensure that a Project Information Risk Owner has been identified.

What we are looking for:

  • CESG Certified Professional (CCP) or equivalent CESG Listed Advisor (CLAS)
  • Fundamental understanding of HMG Security Policy Framework, MoD JSP440 and ISO 27001 accreditation with the capability to create and maintain supporting documentation in relation to a Risk Management Accredited Document Set (RMADS)
  • Production and review of IS1&IS2 Risk Management and Accreditation Document Sets (RMADS) within a UK MoD (JSP 440) environment
  • DSAS in an IA and IT Security role and able to clearly demonstrate recent experience of working within an Information Security and Information Assurance environment
  • Defence/MoD experience (Highly desirable)
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert