Description
Security Architect - Inner London - Government
Pay Rate: £730 per day
Contract Length: 5 months initially
Location: Inner London
Clearance: SC - Security Check
*PLEASE READ JOB DESCRIPTION CAREFULLY AND ONLY APPLY IF YOU SATISFY THE RELEVANT CRITERIA, APPLICATIONS FAILING TO DO SO ARE UNABLE TO BE CONSIDERED.*
Essential experience:
- Developing and agreeing requirements and objectives for a CSOC in a government of equivalent environment
- Leading the engagement with assessors in a large and complex environment
- HMG security classifications, standards and practices. Delivering projects in the public sector
- Working in a large IT services function
Desirable qualifications:
- M.Sc (or Equiv) in Information Security Management
- CRISC (Certified in Risk and Information Systems Control)
- CISM (Certified Information Security Manager
- CISSP (Certified Information Systems Security Professional)
- (Alternate certification bodies acceptable)
Key tasks & deliverables
- Identifying and clarifying security requirements the CSOC is required to meet or adhere.
- Interpreting security requirements and translating them into clear deliverables.
- Identifying solutions and responses to the requirements.
- Validating solutions and responses with assessors.
- Negotiating interfaces and interactions between the CSOC, the other security work streams and the wider HOT organisation.
- Identifying opportunities for financial savings during the delivery or operation of the CSOC.
- Identifying opportunities for increasing the value of CSOC service
Description
The individual will drive beneficial security change into the business through the development or review of architectures so that they:
- Fit business requirements for security;
- Mitigate the risks and conform to the relevant security policies;
- Balance information risk against cost of countermeasures;
- Ensure security is implemented in a consistent way across the programme, and drive the overall design;
- Working with agile developers and testers to review code, run and manage security tests and provide security assurance the resultant code is safe from a security perspective;
- Working to articulate current risks against the system, the proposed mitigation and support the on-going accreditation process;
- Creating, running and managing the security processes and procedures, both technical and not, to maintain the security of the system, personnel, and appropriate environments;
- Security architecture for the design of secure digital services;
- Security principles for the programme;
- Agile development and programme staff security education;
- Experience in delivering security within Internet facing, transactional digital services is essential;
Please Quote Ref - JSCP0083