Cyber Security Shift Analyst
Posting Date: 16 Jan 2025
Function: Security
Unit: Business
Location: Manchester, United Kingdom
PLEASE NOTE THIS ROLE REQUIRES SC CLEARANCE
The Cyber Security Governance & Assurance Specialist executes a range of workstreams in delivering contributions to the BT Group's overall cyber security risk management program, which is designed to ensure that the BT Group's technology systems and data are adequately protected.
What you’ll be doing
* Provide security leadership and assurance for a specific BT Defence customer contract.
* Act as the primary security contact, interfacing with your peers within BT and our partners.
* Work with the existing team to understand the security requirements, ensuring deliverables are planned and aligned to the wider contract schedules.
* Undertake threat assessments and risk assessments.
* Select and apply security controls from baseline control sets.
* Direct the delivery and maintenance of the security accreditation.
* Follow and embed Secure by Design and Secure in Depth principles through delivery and in-life.
* Manage the through-life Security Management Plan and ongoing assurance of the service.
* Manage IT Health Checks (ITHCs) and associated corrective plans.
* Manage and lead operational risk relating to people, information, assets, revenue, and reputation, to ensure compliance with relevant security requirements.
* Provide security advice and direction to stakeholders within BT and our external customer(s).
* Be a key representative at Security Working Groups (SWG).
* Work with our security operations team to ensure alignment and support from existing processes.
* Be a security ambassador for our company, our customers, and our team.
What you'll need
* Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum).
* Have a proven track record in security and information risk management.
* Have experience in the generation and presentation of security documentation (RMADS, Security Cases, SyOPs etc.).
* Be capable of influencing and transferring expertise to enable change whilst maintaining compliance to secure working requirements.
* Understand that Defence assurance is going through a transformation and the need to adopt Secure by Design and Secure in Depth principles.
* Have the opportunity to develop your Defence knowledge & information assurance skills, learning from those around you.
* Have knowledge and experience (preferred) of the following security standards - ISO27001, MoD JSP604, 440 & 490, NIST Cyber Security Framework, NIST 800-53-r5; NIST 800-37.
* Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines.
* Be experienced in working in major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies.
* Have a NIST Cybersecurity Professional certification.
* Have a NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background.
* Have a Certified Information Systems Security Professional (CISSP) certification or background.
* Have a Certified Information Security Manager (CISM) certification or background.
What’s in it for you?
* Competitive salary and on-target bonus plan
* Flexible and smart working
* Training and development opportunities
* Competitive share options and pension scheme
* Access to discounts on BT & EE products
* 25 days annual leave (not including bank holidays)
* 3 days paid volunteering a year
* Weekly Hours: 37.5
* Position Type: Full-time
* Contract: Permanent