- duties include (but are not limited to):
- that all of the systems in place in Naval Ships comply with global cyber standard
- security standards– what do the systems must do to consider secure
- each system against the list and check the non conformaties, risk assess and work with the business owners or the relevant people to come up with a plan
Cyber Assurance Specialist - London, United Kingdom - aap3 Recruitment
Description
Job Description
Cyber Assurance Specialist
Role Description;
• Gap analysis
• Cyber assessment/auditing
• Working with system owners, business owners to articulate what we are doing
• Volume of different systems – different IT technologies to be able to deal with auditing with different components
• Ideally from defence, government, MOD or somewhere highly regulated like finance, medical potentially but not ideal
• Managing Personal data, GDPR management would be beneficial
• Deliver cyber assurance services for the Naval Ships business, covering Enterprise Systems, Operational Technologies services and Cloud
• Identification of risk and appropriate mitigations, development & analysis of secure solutions (covering technical / physical / procedural / personnel controls) and assessment of compliance with internal and external standards and regulations
• Deliver documentation to demonstrate compliance to internal and external stakeholders
• Assessment and provision of control effectiveness in managing Cyber security ris
• Provide security architecture / technical input into the development of secure solutions
• Coaching junior members of the team
• Support development of strategy and continual service improvement for the Cyber Assurance function
• Act as a subject matter expert regarding Cyber Assurance activities for the wider organisation
• Interviews will be webex
Core Duties:
Reassess the system
Based on other industry standards – NIST is the national institute standard in technology, US department of comet who publish standards and SP (special publication)
Safety:
The role holder is responsible for taking reasonable care of their own health and safety ensuring high standards for safety, health and environment (SHE) in our organisation are maintained. This includes; co-operating and following all reasonable instruction, information and training; reporting work-related hazards or incidents and using all equipment for the purpose intended. More detailed responsibilities are captured within the Company Health & Safety Policy (759/OF/016) and the Company Environmental Policy (759/OF/029).
Knowledge, Skills & Qualifications:
Knowledge:
• Industry knowledge of cyber security standards or knowledge of government standards
• Cyber Assurance / Auditing experience of IT Systems
• Knowledge of application, infrastructure and security technologies
• Understanding of cyber security standards
Skills:
• Information or cyber security certifications
• Risk management experience
• Ability to work autonomously and manage workload and priorities based on demand from multiple projects
• iso7001 lead auditor, CISSP/ lead auditor/cyber assurance (cyber assessor or auditor)
Qualifications:
• ISO27001
• CISSP – 5 years experience and a sponsor for this
• Cyber essentials scheme (would be looking for a lead assessor)
About the team you'll be working in:
• Team is based across multiple NS sites bnut mainly Scotstoun, New Malden
• Lewis plus 3 Seniors and 3 Specialists plushelp from Graduates, prentices and BAs
• new team being built to meet the cyber security challenges we face as part of the defence sector