Candidates: Create an Account or Sign In
Candidates: Create an Account or Sign In
Location: Gloucester (minimum of 2 days per week onsite)
Duration: 6 month initial contract OR permanent
(Inside IR35)
Role
Our client, a leader in the Defence & Security sector, is seeking a Lead System Security Engineer with eDV Clearance to join their team in Gloucester. This role is available as both a permanent position and on a contract basis, with a requirement to work on-site for at least two days per week.
Key Responsibilities:
Ensure programme information assets are protected through policy, procedural, and technical enhancements.
Act as a trusted advisor to the programme to ensure industry best practice and customer security requirements are met.
Lead small consultancy engagements and provide clear, evidence-based reports.
Formulate, record, and manage risk effectively.
Decompose security requirements and understand their implications.
Implement Information Assurance (IA) measures to protect and defend information systems.
Apply knowledge of security architecture, PERSEC (personal security), and Cyber Security principles.
Job Requirements:
Forward facing (used to talking to/chairing meetings with customers at a senior level)
Understanding of formulating, recording and managing risk
Understands security requirements and how to decompose them
Knowledge of Information Assurance (IA) processes and procedures
Understanding/experience of Secure by Design
Understanding/experience of waterfall and agile methodologies
Understanding how obsolescence impacts Information Assurance
Supporting the development of Risk Management Framework documents and controls
Preferred Skills:
Worked with MOD or other similar agencies
Experience/understanding of Cryptography including processes and procedures
Experience of assessment of systems in a non-standard environment
Experience of being on a Bid team
Understanding of simulated environments (eg actual vs dummy datasets)
Working knowledge of ISO 27001 or equivalent standards
Working knowledge of NIST Risk Management Framework
Hold a current professional Information Security certification or qualification (e.g. CISSP, CISM, CRISC, BCS CITP)
DV clearance, or the willingness and ability to become DV cleared
Ability to work within a fast-paced environment
Demonstrable knowledge of HMG Security Policy Framework, ISO 27001 and NIST Risk Management Framework.
Benefits:
Opportunity to work in a fast-paced and dynamic environment.
Professional development and training opportunities.
Access to a comprehensive employee benefits package.
If you have experience in systems engineering and information security and hold a current eDV clearance, we would love to hear from you. Apply now to join our client's team in Gloucester
