Cyber Security Assurance Specialist
Goven, Scotstoun or New Malden (1-2 days a week onsite)
6 months
£83.20ph inside IR35 / Umbrella
Role Description
1. Cyber Security gap analysis
2. Cyber assessment / auditing
3. Working with system owners, business owners and being able to articulate cyber security requirements
4. Working on a volume of different systems - understanding different IT and OT technologies to be able to effectively audit different components
5. Experience with defence, government, MOD or somewhere highly regulated like finance, medical etc.
6. Experience with standards such as NIST, ISO27001, Cyber Essentials
7. Deliver cyber assurance services for the Naval Ships business, covering Enterprise Applications and Operational Technologies
8. Risk Assessment of gaps
9. Deliver documentation to demonstrate compliance to internal and external stakeholders
10. Assessment and provision of control effectiveness in managing Cyber security risk
11. Work with security architecture / technical input into the development of secure solutions
12. Support development of strategy and continual service improvement for the Cyber Assurance function
13. Act as a subject matter expert regarding Cyber Assurance activities for the wider organisation
Core Duties
1. Check that all of the systems in place comply with global cyber standard
2. Understand the Cyber security standards - what do the systems must do to be considered secure
3. Check each system against the standard and check the non-conformities, risk assess and work with the business owners or the relevant people to generate a plan
Knowledge, Skills and Qualifications
1. Industry knowledge of industry cyber security standards and/or knowledge of government cyber security standards
2. Cyber Assurance / Assessment / Auditing experience of IT Systems
3. Knowledge of IT application, infrastructure and security technologies
Skills:
1. Proactively engage with System owners to assess their systems
2. Ability to interpret system compliance with IT Security Standard
3. Risk management experience
4. Ability to work autonomously and manage workload and priorities based on demand from multiple projects
Qualifications preferred:
1. CISSP/CISM/CRISC
2. ISO27001 Lead Auditor
3. Cyber Essentials scheme (Ideally would be looking for a lead assessor)
#J-18808-Ljbffr