Location:
Reading, West Berkshire - Hybrid
We are seeking a highly skilled Senior Information Systems Security Specialist to provide in-depth analysis of risks to the organisation’s information systems. In this role, you'll inform risk owners and project managers, enabling effective decision-making to protect assets. As a trusted advisor to the CISO and the information security management team, you will deliver expert advice on security protocols, ensuring that technical security guidance is available for IT projects when needed. You will play a key role in developing and implementing the security architecture, emphasising essential security controls to safeguard systems.
The ideal candidate will bring a strong background in security assurance, combined with working knowledge of industry accreditation and assurance frameworks. Knowledge of CISM, XCCP, and ISO 27001 standards is highly desirable.
Key accountabilities:
Work with functions, projects and the supply chain to assess the sources of Information Risk and make recommendations on how these are to be managed.
Lead on maintaining awareness of HMG, MoD and industry best practice in Information Assurance and Information Risk Management.
Determine how the overall security architecture applies to projects under consideration and advise project solution architects on security requirements.
Review high- and low-level solution designs for compliance with the overall security architecture, achievement of security requirements and overall efficacy of the security features and tools.
Facilitate the formal accreditation of corporate systems and of other specified systems.
Oversee IT Health Checks and Vulnerability Assessments by approving the scope of tests and the overall testing programme.
Advise managers on the appropriate level of risk tolerance.
Record and track assessments of information capability and projects, supporting reviews and audits as necessary.
Provide technical risk assessment analysis.
Develop the professionalism of Information Risk Management.
Attend project Security Working Groups and manage when appropriate.
Minimum Requirement:
Strong background in security assurance.
Working knowledge of industry accreditation and assurance frameworks.
Knowledge of CISM, XCCP, and ISO 27001 standards is highly desirable.
Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let us know.
If you consider yourself to have a disability or if you are a veteran, and you meet the essential criteria for the role, you will be put forward for the ‘Guaranteed Interview’ scheme whereby you will have the opportunity to discuss this role and your suitability with a member of the Sourcing team.
As an Equal Opportunities Employer, we provide the best talent and encourage all applications regardless of background, in line with our commitment to diversity, equality and inclusion.