The duties of the position shall include ensuring existing systems and new systems conform to industry accepted standards, legal requirements and policy requirements.
- Major contributor to the creation and maintenance of group wide Cyber Security focussed policies and standards
- Work with the IT & business stakeholders to interpret and implement cyber security requirements
- Work with development teams to ensure a Secure Software Development Life Cycle.
- Assessment of the organisation’s current cyber security posture against good practices and industry standards
- Coordination and/or performance of cyber security risk assessments on projects/programmes/changes to identify cyber security risks
- Work with technical & programme teams to define & agree cybersecurity risk treatment plans to ensure treatment of identified risks in line with internal and external requirements
- Support customer bid activity and be the focal point for such requests in the Information Assurance (GRC) team
- Contribute to the development & maintenance of the Bid Library
- Conduct compliance assessment to ensure the achievement of the organisation’s cybersecurity objectives.
- Contribute to internal & external events showcasing our cybersecurity experience.
- Work closely with the SOC teams to support incident and threat management activities
- Produce regular management reporting around the above activities.
- Promote our cybersecurity experience during internal and external events
- The role is based in Birmingham but may require travel to other SCC Group locations, which may include international travel.
Skills, Knowledge, Experience (essential):
- Minimum 5 years’ experience in technical/risk-based Security roles
- Broad experience of information security risk assessment methodologies
- Public and Private sector experience preferable
- Good working knowledge and experience of security related technologies eg. Firewalls, Routing, Intruder Detection Systems, Operating Systems, Databases and Common Application Architecture
- Ideally holds DV/SC/NPPV security clearance, and must be willing/able to obtain such clearance as required
- B.S. degree in Computer Science, Software Engineering, MIS or equivalent preferred
- Information Security Certification, such as CISSP, Security+ or CISA.