Security Lead

Dublin  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Description

6 Month contract Initially

Based in Dublin 11

The Role

To perform a security lead role for the project.

The role is to design and deliver a security work programme for the project and take ownership for achieving the desired outputs. A major part of this role will be completing security risk assessments on an on-going basis to support new feature implementations and/or additional Consumer System on-boarding activities.

The role will also be responsible for identifying, advising on, and implementing the required controls to mitigate identified security risks.

The Security Lead will engage with business and technical stakeholders to ensure that the scope of the security programme for the project is defined and delivered based on agreed overarching security goals and requirements.

Principal Duties & Responsibilities include:

  • Defining the overall objectives and scope for a security programme for the project
  • Leading on the overall design and delivery of a security programme of work for the Project
  • Establishing the security programme for the project including overall objectives, required activities, timeframes, deliverables/milestones and resourcing needs
  • Managing assigned resources to the security programme of work
  • Defining the overall level risk appetite from senior leadership by facilitating a process to develop a risk appetite rating Matrix on key areas
  • Confirming a statement of assurance for infrastructure security, network security, and consumer system data management security from appropriate parties
  • Development of a stakeholder list and their respective roles/responsibilities in the context of security
  • Completing on-going reviews of the scope of work for the security programme and re-planning as required
  • On-going short-term (eg monthly) and long-term (annual) reviews of progress against the overall security plan
  • Identifying, managing risks and issues as part of the security programme of work for the project
  • Advising development or planning teams regarding options or decisions relating to the security of proposed technical solutions
  • Review, assessment and recommendation of possible hardware, software product or tool options for security (including but not limited to the Oracle suite of products)
  • Completing an initial risk assessment and defining of associated required controls the Register to ensure risks are mitigated, including:
  • Decide on methodology to be followed (if relevant) (eg, ISO/NIST/OCTAVE/ENISA etc.)
  • Agreeing the risk categorisation and ratings that will be used
  • Performing the risk assessment
  • Categorise, rank and develop appropriate controls
  • Review the outputs of the risk assessment with key stakeholders
  • Engaging with business and technical stakeholders including the Register technical delivery team, the infrastructure team, the business team and the owners of Consumer Systems to ensure delivery of security goals and requirements

Skills

  • Extensive security architecture experience and knowledge
  • Extensive knowledge of security standards (eg, ISO/NIST/OCTAVE/ENISA etc.)
  • Extensive security architecture experience and knowledge
  • Systems architecture and infrastructure design
  • Good working knowledge of information risk analysis/management
  • Strong background in:
    • IT and information security
    • Systems architecture and infrastructure design
    • Software development and project life cycle
    • Skilled documenting solution/technical design
    • Knowledge or direct experience of two or more of
      • HL7 V 2, 3, and FHIR
      • Java
      • JSON
      • XML
      • SQL
      • Working knowledge of Oracle product suite and application stacks
    Working knowledge of Weblogic or equivalent application Servers
Start date
ASAP
Duration
6 months
From
IT Alliance Ltd
Published at
04.03.2017
Project ID:
1298931
Contract type
Freelance
To apply to this project you must log in.
Register