Our client, a leader in the Defence & Security sector, is seeking a Lead System Security Engineer with eDV Clearance to join their team in Gloucester.
Key Skills Required for This Role
Lead System Security Engineer - eDV
Important
Location: Gloucester (minimum of 2 days per week onsite)
Duration: 6 month initial contract OR permanent
(Inside IR35)
Role
This role is available as both a permanent position and on a contract basis, with a requirement to work on-site for at least two days per week.
Key Responsibilities:
* Ensure programme information assets are protected through policy, procedural, and technical enhancements.
* Act as a trusted advisor to the programme to ensure industry best practice and customer security requirements are met.
* Lead small consultancy engagements and provide clear, evidence-based reports.
* Formulate, record, and manage risk effectively.
* Decompose security requirements and understand their implications.
* Implement Information Assurance (IA) measures to protect and defend information systems.
* Apply knowledge of security architecture, PERSEC (personal security), and Cyber Security principles.
Job Requirements:
* Forward facing (used to talking to/chairing meetings with customers at a senior level)
* Understanding of formulating, recording and managing risk
* Understands security requirements and how to decompose them
* Knowledge of Information Assurance (IA) processes and procedures
* Understanding/experience of Secure by Design
* Understanding/experience of waterfall and agile methodologies
* Understanding how obsolescence impacts Information Assurance
* Supporting the development of Risk Management Framework documents and controls
Preferred Skills:
* Worked with MOD or other similar agencies
* Experience/understanding of Cryptography including processes and procedures
* Experience of assessment of systems in a non-standard environment
* Experience of being on a Bid team
* Understanding of simulated environments (e.g., actual vs dummy datasets)
* Working knowledge of ISO 27001 or equivalent standards
* Working knowledge of NIST Risk Management Framework
* Hold a current professional Information Security certification or qualification (e.g., CISSP, CISM, CRISC, BCS CITP)
* DV clearance, or the willingness and ability to become DV cleared
* Ability to work within a fast-paced environment
* Demonstrable knowledge of HMG Security Policy Framework, ISO 27001 and NIST Risk Management Framework.
If you have experience in systems engineering and information security and hold a current eDV clearance, we would love to hear from you. Apply now to join our client's team in Gloucester.
#J-18808-Ljbffr