|Job Ref:||204628772||Employer:||cv-library.co.uk||Job Type:||Permanent||Country:||United Kingdom||County/State:||Cambridgeshire||City:||St Neots||Address:||Post Code:||PE19||Salary:||£40000 - £42000/annum||Post Date:||06/10/2016 03:45|
An ITSO is required to join the established MASS internal security team. The ITSO will provide impartial management advice on the Information Assurance (IA) of Information Systems (IS) in-line with Government and Company security policy. They will contribute to development of Security Operating Procedures (SyOPs) for new IT systems, provide advice on compliance with IT security policy and liaise with the accreditors on changes to systems.|
The role will include internal auditing, assessing Company infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in software and hardware, which could expose the infrastructure to a security breach. They will make recommendations to improve security based on their assessments and knowledge of current and emerging threats, provide the lead in investigations into security incidents and ensure all Company security policies are followed.
The preferred candidate will hold an Information Security qualification such as CISSP, CISM or CISA, and be conversant with HMG / CESG IA publications and the ISO 27001 standard. A good understanding of the application of security controls to IT systems is essential. The successful candidate will be a strong team player with excellent communication skills, and will be required to hold, or be in a position to qualify for Developed Vetting (DV) Security Clearance.
Mandatory Skill Requirements:
TCP/IP Network Understanding
Tools & Methodologies
IT Security certifications (CISSP, CISM, ISO 27001).
Competent in the use of the MS Office suite.
Ability to take a rounded view of security issues and make risk judgements across the relevant scope.
Conducting Compliance Audits against internal systems iaw ISO 27001:13
Ability to explain secure system designs in terms of business risk.
Hold a Full UK Driving Licence.
Desirable Skill Requirements:
Tools & Methodologies
JSP 440 MOD Manual of Security,
JSP604 Defence Manual for Information and Communications Technologies (ICT).
Familiar with the following Risk tools:
HMG IS1 & 2 Risk tool methodology.
Experience in writing or updating information assurance operating policies and compliance procedures.
Awareness of ITHC requirements and analysis of results