Site Security Controller (Aldershot/Hook)
Job Description:
At DXC Technology, delivering excellence for our customers and colleagues is more than just a motto; it’s something we strive towards constantly through our work. Every day we deliver mission-critical services in a secure environment whilst promoting our people-first agenda, a real sense of community, and a healthy work-life balance.
We are currently recruiting for an experienced Site Security Controller for our Aldershot/Hook sites.
Successful candidates will be required to currently hold SC clearance or be eligible for vetting.
Key Responsibilities:
1. Ensure that DXC, UK Secure Accounts and account-specific security policies relating to protective security are implemented and enforced locally.
2. Produce, maintain, issue, and enforce local site security instructions or briefings.
3. Ensure that their site retains appropriate client security accreditations (for example FSC), maintaining any account-specific accreditation documents for the site.
4. Act as the principal point of security contact for the site during client or other audits. Any findings should be addressed initially by the SSC and, if required, passed to the relevant stakeholder for ownership and resolution.
5. Periodically review, update, and obtain approval for a local site Risk Register that covers physical and environmental security risks pertinent to the site, and ensure that they are reviewed annually or when a new risk is identified affecting the site.
6. Together with the UKSA SCL and the SDLs of accounts on site, support the process to maintain the ISO 27001 risk register.
7. Maintain a Surreptitious Threat Mitigation Process (STaMP) assessment for each secure area within the site.
8. Maintain a register of all secure cabinets on their site, recording the owner, location, and use.
9. Ensure that the combinations of secure cabinets are changed according to policy, records are maintained, and copies of combinations are kept securely and appropriately protected.
10. Perform an oversight of the operation and administration of site security equipment, including CCTV, alarm systems, locks, AACS, and any other equipment used for protective security purposes to ensure that they meet Secure Accounts security requirements.
11. Perform an oversight of guarding and reception services to ensure that they meet UK Secure Account security requirements.
12. Ensure all staff with access to UKSA areas on site have a DXC Technology Identity Pass (Employees, Contractor, Visitor etc.) and a Secure Accounts Identity Pass.
13. Implement and maintain a documented AACS security zoning policy and authorisation process.
14. Ensure that access lists on the AACS are reviewed on a periodic and regular basis by nominated managers and/or the SSC.
15. Implement and maintain a documented Technology Zoning Policy for all UKSA areas on the site with appropriate signage.
16. Perform or supervise the registration and control of locally held classified assets SECRET and above.
17. Conduct spot checks of classified assets SECRET and above in accordance with DXC4411.
18. Ensure that the use of mobile devices and removable media is controlled and authorised according to DXC4411 PART 1 - Chapter 2: Asset Management.
19. Provide local site support when requested by the Cryptographic Manager and STRAPSO.
20. Ensure the processes for visitors to the site comply with both DXC security policy and Secure Accounts policy.
21. Implement an ‘end of day’ clear desk policy and oversee spot checks to ensure compliance.
22. Investigate any reported security incidents in accordance with PART 1 Chapter 5: Information Security Incident Management and provide a documented report.
23. In conjunction with SDLs confirm that IT that is used on the site is accredited and operated in accordance with their respective SyOPs.
24. In conjunction with the SCT and relevant SDLs, assist in the co-ordination of all security audits at their site.
25. Following an audit, ensure that observations and/or non-conformances relating to protective security are addressed.
26. Confirm that all security measures with respect to joiners, movers, and leavers are carried out on the site.
27. Maintain good working relationships with the SDLs of the accounts based onsite, as well as DXC Resiliency, Facilities, and Business Continuity Planning staff.
28. Maintain contacts with local Counter Terrorism Security Adviser (CTSA).
29. Provide to the GSC a periodic report on the status of the site.
What we will do for you:
* Competitive compensation
* Pension scheme
* DXC Select – Our comprehensive benefits package (includes private health/medical insurance, gym membership, and more)
* Perks at Work (discounts on technology, groceries, travel, and more)
* DXC incentives (recognition tools, employee lunches, regular social events, etc.)
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services. DXC does not make offers of employment via social media networks and never asks for any money or payments from applicants at any point in the recruitment process.
About Us
DXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds.
#J-18808-Ljbffr