Cyber Security Assurance Practitioner
Based in Preston / Farnborough (Remote working available)
£38,000 - £42,000 per annum + 2.5% bonus
Must be eligible for SC Clearance
Your role will be to ensure systems/services are built and configured in-line with applicable Cyber Security Standards.
What you'll be doing:
Deliver the Cyber through life Assurance capabilities to assure the compliance and effectiveness of applicable Cyber security controls to meet NIST (DFARS), DEFSTAN, HMG Secure by Design requirements and / or Group Cyber Security Standards (GCSS).
Assist in the delivery of Cyber Essentials and Cyber Essentials plus certification across applicable EIT enterprise managed networks (UK and International) to meet MoD DEFCON contractual requirements.
Support other Information Security certifications such as ISO/IEC 27001 / FAR to underpin international networks and differing overseas requirements.
Support the delivery of an intelligence led and risk-based compliance programme across Sectors, UK Business Groups and Service Providers to underpin HMG Secure by Design requirements.
Report the Performance / Health of applicable security controls to assure compliance and effectiveness aligned with NIST (DFARS), DEFSTAN, HMG Secure by Design requirements and / or Group Cyber Security Standards (GCSS) to highlight key issues to senior stakeholders.
Your skills and experiences:
Essential:
Strong track records of assuring/auditing the security of services in the Government sector (or commercial organisations bound by HMG standards)
Strong analytical background with the ability to analyse and interpret large and complex data sets and articulate observations, conclusions, and recommendations to senior audiences
Knowledge of HMG and industry standard security policy, standards and good practice guidance and their application to a variety of IT solutions processing protectively marked information
Wide ranging knowledge of application, infrastructure and security technologies and knowledge of implementing them in a secure configuration
Previous exposure to gap analysis reporting
ISO/IEC 27001 knowledge
CISM-P IT Security qualificationDesirable:
NSCP Practitioner Certificate