The Cyber Security Governance & Assurance Specialist executes a range of workstreams in delivering contributions to the BT Group's overall cyber security risk management program, which is designed to ensure that the BT Group's technology systems and data are adequately protected.
What you'll be doing
* Provide security leadership and assurance for a specific BT Defence customer contract.
* Act as the primary security contact, interfacing with your peers within BT and our partners.
* Work with the existing team to understand the security requirements, ensuring deliverables are planned and aligned to the wider contract schedules.
* Undertake threat assessments and risk assessments.
* Select and apply security controls from baseline control sets.
* Direct the delivery and maintenance of the security accreditation.
* Follow and embed Secure by Design and Secure in Depth principles through delivery and in-life.
* Manage the through-life Security Management Plan and ongoing assurance of the service.
* Manage IT Health Checks (ITHCs) and associated corrective plans.
* Manage and lead operational risk relating to people, information, assets, revenue, and reputation, to ensure compliance with relevant security requirements.
* Provide security advice and direction to stakeholders within BT and our external customer(s).
* Be a key representative at Security Working Groups (SWG).
* Work with our security operations team to ensure alignment and support from existing processes.
* Be a security ambassador for our company, our customers, and our team.
Qualifications
* Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum).
* Have a proven track record in security and information risk management.
* Have experience in the generation and presentation of security documentation (RMADS, Security Cases, SyOPs etc.).
* Be capable of influencing and transferring expertise to enable change whilst maintaining compliance to secure working requirements.
* Understand that Defence assurance is going through a transformation and the need to adopt Secure by Design and Secure in Depth principles.
* Have knowledge and experience (preferred) of the following security standards: ISO27001, MoD JSP604, 440 & 490, NIST Cyber Security Framework, NIST 800-53-r5, NIST 800-37.
* Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines.
* Be experienced in working in major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies.
* Have a NIST Cybersecurity Professional certification.
* Have an NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background.
* Have a Certified Information Systems Security Professional (CISSP) certification or background.
* Have a Certified Information Security Manager (CISM) certification or background.
With over 175 years of heritage, BT is now the flagship business brand of BT Group. We've brought together our best people and capabilities into a B2B powerhouse serving 1.2 million business customers internationally.
We're a global leader for secure connectivity and collaboration platforms for businesses of all shapes and sizes, from big household names and government departments, right through to sole traders and new start-ups. But it's not just the technology that matters, it's what it can do to help them build stronger, smarter, more secure businesses. We value diversity and inclusion and believe in making a positive impact. We connect for good by championing digital inclusion and equipping people, businesses, and communities with digital skills to thrive. As a member of our team, you will be part of an organisation that celebrates difference, fosters innovation and provides you with opportunities to be your best. With millions of businesses relying on us daily, joining BT means you can be part of a diverse and multi-skilled team that makes a significant impact to society.