|Job Ref:||204776306||Employer:||cv-library.co.uk||Job Type:||Contract||Country:||United Kingdom||County/State:||Yorkshire||City:||West Yorkshire||Address:||Post Code:||WF17||Salary:||£730/day||Post Date:||12/10/2016 03:34|
A Security Assurance Manager is required for 4 months (likely to be extended) based in West Yorkshire. |
Working for the NHS, the Security Assurance Manager will be responsible for rationalising existing policies whilst formulating new ones where necessary; Support in life services with specialist security advice on issues arising, incidents or assurance on new releases. Support new programmes and services, specifically those prioritised under Paperless 2020 to specify and build requirements that are secure by design. Be subject matter experts and knowledge leaders in the refining an implementation of the new Specialist Security Service operating model. Update existing business continuity and incident management plans to include the handling of cyber security incidents. Cyber security incident scenario sessions are to be conducted on a regular basis, the costs of which must be sourced either through the programmes for which the scenarios are being planned or through an appropriate funding route as necessary; Improve metrics and reporting through the implementation of an ISO 27001 Certified Information Security Management System (ISMS);
Facilitates and chairs specific Working Groups, promoting a security awareness culture, on issues such as EUD & BYOD devices, password policy, protective parking, safe and secure disposal through awareness briefings. Managing relationships with key stakeholder groups including Project Teams and the Information Security and Assurance teams. This may take the form of guidance on the threats, risks and mitigations that may be necessary in order to reduce the residual risk levels so that they are within the risk appetite of the system/business owner. Auditing and reporting on the effectiveness of these controls in order to gain an assurance that the project is compliant with current regulations. Supporting, and authoring where required, the generation and through life management of the Risk Management Accreditation Document Sets that support the continuing accreditation of solutions delivered .
Contributes to the development of IT Security Policy and Procedures and the on-going maintenance of all supporting documentation aligned with Security Policy Framework (SPF) Specifying requirements for IT Health Checks or Assessments to ensure identification and scheduled correction of any vulnerabilities to protect other IT systems and services. Alerting the Lead Accreditor, other Security Assurance Coordinators or CIO of unscheduled or rogue changes in Systems and Services, which may affect accreditation.
Top 5 things that NHS Digital is looking for in the person. 1) Information Security Incident Handling and Investigations 2) Assurance documentation assessment and review 3) Experience of public sector 4) Operational Security experience 5) Ability to review source data and coding to identify security flaws and issues.
This role is to start asap and will pay £730 per day