The role:
* To provide a focal point for resolution of security and information risk matters
* To identify, analyse and evaluate information risks
* To explain to risk owners and other stakeholders the causes, likelihood and potential security impacts of information risks throughout the information system lifecycle
* To assist in checking compliance with applicable regulations, standards, policies and guidance on information risk management
* To present risk management options to the Security Manager and CISO
* To support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business.
* To support investigation of security incidents and opportunities for process improvements
* To ensure security awareness is promoted, understood and effective
Essential:
* Experience in Operational Cyber Security and Information Assurance
* Working with challenging deadlines and competing priorities
* Attention to detail with a methodical approach and time management skills
* Knowledge of HMG IA standards, security operating processes and procedures
* Knowledge of Ministry of Defence (MOD) IA standards, security operating processes and procedures
* Previous experience of MOD Operational Cyber Security and Information Assurance
* Understand the threat environment and provide timely threat updates using externally available resources such as UK-CERT, US-CERT, CISP, ISF
Desirable:
* Ability to write concisely in a customer-focused manner
* Ability to multitask and manage high volumes of work
* NCSC Certified Cyber Professional (CCP) in one or more roles
* Member of a relevant professional body (e.g. SyI, IISP, BCS, ISACA, ISC2, NCSC)
* Related degree or qualification (e.g. Security Plus, CSyA)
* Previous Cyber Security Consulting experience