Information Assurance Security Manager
On site Gloucestershire Contract £550 - £650 per day inside IR35
We're currently seeking a number of ambitious Information Assurance Security Managers to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.
These contract roles will require you to conduct security clearance prior to assignment. The contracts are open to full time (37.5 hours) and part time (22.5 hours) per week onsite.
The Information Assurance Security Manager is a member of the business unit/mission area who acts as the primary risk management point of contact, acting as the liaison between the business area and key stakeholders in relation to IA and risk management issues. The primary aim is to help those developing systems to understand the Information Security, Legal and Policy risks and to identify suitable mitigations within, and related to, the relevant Frameworks, working with the wider risk management community as necessary.
Main Duties & Responsibilities
- Providing impartial IA advice, risk assessing more complex or non-standard systems and acting as a liaison between the business area and key stakeholders in relation to IA and Risk Management issues.
- Ensuring ongoing engagement with Framework Stakeholders, providing timely, concise information regarding status and progress of relevant security, legal or policy risks, issues and actions, covering the complete lifecycle of a system.
- Co-ordinating, authorising, delegating and performing a range of 'Through Life' end-to-end lifecycle assurance requirements covering a diverse range of capabilities, systems and services, as defined by the Framework Support Group.
- Providing appropriate IRM support, advice and guidance to the relevant business management teams, engineers and user communities regarding all aspects of framework IRM relating to security, legal and policy.
- Pro-actively assessing, managing, maintaining and challenging (if appropriate) business and IRM/security related policies, processes, proposals and procedures, as well as any proposed system changes, balancing these against desired business outcomes.
- Informing key business stakeholders of new IRM and Security Policies, Standards, Guidelines and initiatives that may affect the business area, potentially impacting missions, operations, programmes and projects.
- Ensuring that the IRM Framework Documentation is complete and accurate.
- Ensuring relevant IT Security Policies are followed and any exceptions are escalated appropriately.
- Documenting which systems are accessed by supplier PU personnel.
- Acting as the primary Lifecycle Manager for PU accounts and routinely reviews each PU holder to determine if they still require PU access.
- Contributing to the wider IASM community, including support to the technical development of less experienced IASMs. This includes contribution to the skills assessment process as necessary.
Person Specification
- Experience in an Information Assurance risk management role
- Ability to advice on the application of technical and process controls to mitigate IA risk
- Ability to conduct IA risk assessments
In return:
You'll be joining an ambitious, high-level team of like-minded and highly skilled individuals, all focused on delivering the best possible outcome.
We are focused on bringing and nurturing the best talent into our team, recruiting widely to ensure we are inclusive and providing a supportive and safe environment where people can bring their authentic selves to work to be able to deliver at their best.
This is literally a once in a lifetime opportunity to step away from the mundane and forge your own path in a totally new direction working on life and culture changing projects.
If you're ready for a challenge like no other, apply today.