Security Specialist

Security Specialist

London and Gloucestershire Contract £500-£650 per day inside IR35

We're currently seeking a two accomplished and highly ambitious Security Specialists to work with our exceptional client, a world class brand in a secure environment to drive major business improvement.

These contract roles require that you already hold an active DV clearance.

The Security Specialist acts as the primary risk management point of contact, acting as the liaison between the business area and key stakeholders in relation to IA and risk management issues. The primary aim is to help those developing systems to understand the Information Security, Legal and Policy risks and to identify suitable mitigations within, and related to, the relevant Frameworks, working with the wider risk management community as necessary.

Main Duties & Responsibilities

• Providing impartial IA advice, risk assessing more complex or non-standard systems and acting as a liaison between the business area and key stakeholders in relation to IA and Risk Management issues.
• Ensuring ongoing engagement with Framework Stakeholders, providing timely, concise information regarding status and progress of relevant security, legal or policy risks, issues and actions, covering the complete lifecycle of a system.
• Co-ordinating, authorising, delegating and performing a range of 'Through Life' end-to-end lifecycle assurance requirements covering a diverse range of capabilities, systems and services, as defined by the Framework Support Group.
• Providing appropriate IRM support, advice and guidance to the relevant business management teams, engineers and user communities regarding all aspects of framework IRM relating to security, legal and policy.
• Pro-actively assessing, managing, maintaining and challenging (if appropriate) business and IRM/security related policies, processes, proposals and procedures, as well as any proposed system changes, balancing these against desired business outcomes.
• Informing key business stakeholders of new IRM and Security Policies, Standards, Guidelines and initiatives that may affect the business area, potentially impacting missions, operations, programmes and projects.
• Ensuring that the IRM Framework Documentation is complete and accurate.
• Ensuring relevant IT Security Policies are followed and any exceptions are escalated appropriately.
• Documenting which systems are accessed by supplier PU personnel.
• Acting as the primary Lifecycle Manager for PU accounts and routinely reviews each PU holder to determine if they still require PU access.
• Contributing to the wider IASM community, including support to the technical development of less experienced IASMs. This includes contribution to the skills assessment process as necessary.

Person Specification

• Experience in an Information Assurance risk management role
• Ability to advice on the application of technical and process controls to mitigate IA risk
• Ability to conduct IA risk assessments