Role: Senior Systems Security Specialist
Job Ref: QAD 2111/0611
Pay Rate: Competitive Market Rate
Hours per week: 37 hours per week
Contract Length: Initially 12 months
Location: Reading, West Berkshire - Hybrid
We are seeking a highly skilled Senior Information Systems Security Specialist to provide in-depth analysis of risks to the organisation’s information systems. In this role, you'll inform risk owners and project managers, enabling effective decision-making to protect assets. As a trusted advisor to the CISO and the information security management team, you will deliver expert advice on security protocols, ensuring that technical security guidance is available for IT projects when needed. You will play a key role in developing and implementing the security architecture, emphasising essential security controls to safeguard systems.
The ideal candidate will bring a strong background in security assurance, combined with working knowledge of industry accreditation and assurance frameworks. Knowledge of CISM, XCCP, and ISO 27001 standards is highly desirable.
Key accountabilities:
* Work with functions, projects and the supply chain to assess the sources of Information Risk and make recommendations on how these are to be managed.
* Lead on maintaining awareness of HMG, MoD and industry best practice in Information Assurance and Information Risk Management.
* Determine how the overall security architecture applies to projects under consideration and advise project solution architects on security requirements.
* Review high- and low-level solution designs for compliance with the overall security architecture, achievement of security requirements and overall efficacy of the security features and tools.
* Facilitate the formal accreditation of corporate systems and of other specified systems.
* Oversee IT Health Checks and Vulnerability Assessments by approving the scope of tests and the overall testing programme.
* Advise managers on the appropriate level of risk tolerance.
* Record and track assessments of information capability and projects, supporting reviews and audits as necessary.
* Provide technical risk assessment analysis.
* Develop the professionalism of Information Risk Management.
* Attend project Security Working Groups and manage them when appropriate.
Minimum Requirements:
* Strong background in security assurance.
* Working knowledge of industry accreditation and assurance frameworks.
* Knowledge of CISM, XCCP, and ISO 27001 standards is highly desirable.