Description
Security & Information Risk Advisor (SIRA) - Midlands - Contract - 6 months - Market RatesSC clearance or above required for this role
My leading government client based in the Midlands requires a Security & Information Risk Advisor (SIRA) on an initial 6 Month contract paying market rates.
The successful candidate will undertake risk assessment and audit activities to support compliance with Information Security policies, procedures and associated standards.
Key Skills
- Tests and verifies compliance with information security policies, procedures and legal/regulatory requirements relating to the protection of information.
- Assists with compliance audits against Codes of Connection, HMG Information Assurance standards and requirements of the assessment framework of the HMG Information Assurance Maturity Model (IAMM).
- Assists with the development of Information Assurance compliance and audit plans.
- Recommends responses to audit findings in order to verify on-going conformance to security requirements
- Identifies systemic trends and weaknesses in the Information Security Management System
- Undertakes preliminary or fact finding enquiries into security incidents
- Provides impartial assessments and reports that cover security incidents, investigations and information risk management controls to assist in the improvement of the Information Risk Management strategy.
- Undertakes information risk assessment activities to identify emerging risks in the development cycle of information systems
- Assists in the monitoring of risk treatment controls and reports on their effectiveness
- Assists in the development of Risk Management and Accreditation Document Sets (RMADS)
Essential
- Experience in an Information Security or Information Assurance role
- Knowledge of risk assessment methodologies
- Experience performing information security compliance and audit activities.
- Knowledge of current Information Technology Standards and Techniques including the ISO 27001 series
- Knowledge of the Data Protection Act, Freedom of Information legislation and Computer Misuse Act
Desirable:
- Some knowledge of The HMG Security Policy Framework and associated CESG IA Policy Portfolio
- Experience/knowledge of police service IA conditions (Codes of Connection)