Description
Information Assurance Practitioner
Roles and Responsibilities:
- Provide IA guidance, advice and policy as an integrated member of a multi-disciplinary engineering team.
- Accept ownership of, and responsibility for, all aspects of IA within a specified area of responsibility.
- Provide IA guidance and support to design activities through the provision of general consultancy to the Engineering and Supply Chain disciplines.
- Provide IA guidance and support to Suppliers through the provision of general consultancy as required.
- Present at reviews, working groups and other meetings in support of IA work.
- Review IA deliverables from suppliers and provide constructive feedback.
- Conduct HMG-approved Risk Calculations and establish relevant, pragmatic and cost-effective mitigation actions.
- Produce IA documentation, to include full Risk Management and Accreditation Document Sets (RMADS) as necessary.
- Produce regular progress reports.
- Remain current on relevant HMG and CESG security policy and guidance.
Key Deliverables:
- To deliver activities and milestones in accordance with plan.
o RMADS (to include IS1 calculations and mitigations).
o IA guidance documents to internal and external customers.
o Regular progress reports as necessary.
o Written and verbal analysis of technical problems and potential solutions. - Be accountable to the Whole Boat IA Lead for ensuring that the IA analysis in terms of the breadth, depth and methods applied is appropriate, economical and reflects the BIL of the systems in question.
The Individual
- CESG Certified Professional (CPP) Practitioner level or higher preferred
- Recent experience in the conduct of Product IA work against a JSP440 and SPF requirement.
- Recent experience of the production of RMADS against a JSP440 requirement.
- Recent experience of the production of IS1 calculations and the corresponding mitigations.
- Direct responsibility for the accreditation of at least one HMG project in the last five years.
- Five years' experience of Information Assurance work in the Government Sector (Defence, Police, Home Office, Health); Preference will be given to work in the Defence Sector
- A sound knowledge of HMG policies, to include: JSP440, SPF, CESG IA Portfolio
- Excellent presentation and communication skills
- The ability to write accurately, concisely and logically
- The ability to influence others in a challenging environment
Experience of 'Industrial Control Systems' such as 'SCADA' would be beneficial
AAP3 is acting as an Employment Business in relation to this vacancy.