Cyber Security Governance & Assurance Specialist
Posting Date: 3 Feb 2025
Function: Cyber Security
Unit: Business
Location: Assembly, Bristol, United Kingdom
BT’s Defence security team have an exciting new role available, supporting and developing secure practices for new business and existing contracts. This will suit seasoned professionals or emergent talent, giving the opportunity for the right person to bring their experience and fresh ideas to the table. You’ll learn from those around you and be part of a friendly team, where flexible working and good work-life balance is always valued.
What you’ll be doing
* Provide security leadership and information assurance for BT Defence.
* Using your experience, technical expertise and industry knowledge, you’ll provide thought leadership to help shape and assure the future of our new and existing contracts.
* Work with the existing team, technical and business development leads to understand security requirements, lead and support assurance activities, and ensure security is embedded from the outset.
* Provide support to our sales and win-new-business teams to ensure security requirements are understood, such that security deliverables are planned and aligned to other schedules.
* Undertake threat and risk assessments and carryout risk management activities.
* Select and apply proportionate security controls from baseline control sets.
* Produce Security Management Plans (SMP) and Cyber Implementation Plans (CIP).
* Take the necessary action to ensure Secure-by-Design and Secure-in-Depth principles are embedded from the outset and maintained through-life.
* Work with other stakeholders to assure supply chain security and the flow down of security and contractual requirements.
* Provide general security advice and promote best practice, giving direction to stakeholders within BT and our external customer(s).
* Work with our security operations team to ensure alignment and support from existing processes so we are as efficient and effective as possible.
* Be a security ambassador for our company, our customers, and our team.
You'll definitely have
* Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum).
* Have a proven track record in security and information risk management, complimented with a high degree of technical proficiency and some UK Govt. sector experience.
* Have experience or be comfortable working within a bid team environment (when required)
* Have experience producing security documentation (Security Management Plans, ITT responses, Security Cases, RMADs, SyOPs etc).
* Have excellent verbal and written communication skills.
* Be confident to work with other BT Defence teams (e.g. technical), to understand solutions and provide assurance or advice through a security lens.
* Be capable of influencing and transferring expertise to enable change whilst maintaining compliance to secure working requirements.
* Have knowledge of MoD/UK Govt. Secure-by-Design and Secure-in-Depth principles.
* Have knowledge and experience (preferred) of the following security standards and, NIST Cyber Security Framework, NIST 800-53-r5; NIST 800-37 and ISO 27001.
* Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines.
* Be self-motivated and proactive.
* Promote the latest security best practice and awareness.
* Be experienced in working in major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies.
* Have knowledge and experience with MoD JSP440/490/604, Cyber Security Model and Defence Standards e.g. forthcoming changes to Def Stan 05-138.
* Have a NIST Cybersecurity Professional certification.
* Be a Certified Cloud Security Professional (CCSP).
* Have a NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background.
* Have a Certified Information Systems Security Professional (CISSP) certification or background.
* Have a Certified Information Security Manager (CISM) certification or background.
What's in it for you
* Competitive salary and on-target bonus plan.
* Flexible and smart working.
* Training and development opportunities.
* Competitive share options and pension scheme.
* Access to discounts on BT & EE products.
* 25 days annual leave (not including bank holidays).
* 3 days paid volunteering a year.
* Weekly Hours: 37.5.
* Salary: Level D.
* Position Type: Full-time.
* Contract: Permanent.
#J-18808-Ljbffr