Accessibility Links

IT Security Officer/Compliance Manager

  • Salary: Competitive Salary + Benefits
  • Job type: Permanent
  • Location: Carterton, Oxfordshire
  • Sector: Security
  • Date posted: 20/11/2018
  • Job reference: BBBH93192

IT Security Officer/Compliance Manager

Location: RAF Brize Norton, Oxfordshire (with travel)

Permanent

Salary: Competitive Salary + Benefits

Working for the UK's leading Engineering Support Services organisation a position is available for an IT Security Officer/Compliance Manager as part of their Aviation division.

As an IT Security Officer (ITSO)/Compliance Manager you will oversee and provide security advice on the implementation of all Communications and IT Systems for FSTA (AirTanker) and UKMFTS programmes dealing with policy and documentation of HM Government, MoD and commercial systems, as well as investigation and reporting of IT security incidents.

You will form part of the FSTA Compliance team that provides a focal point for all Health Safety, Environmental and Quality.

Whilst the role and primary area of responsibility will be at the AirTanker Hub at RAF Brize Norton, the ITSO/Compliance Manager will be required to provide support to other sites associated and supported by these programmes; it is anticipated that 60% of the role will be centred at RAF Brize Norton with the remaining 40% at UKMFTS HQ in Bristol. Periodic work at UKMFTS sites at RAF Valley, RAF Cranwell, RAF Cosford, RAF Shawbury and RNAS Culdrose should be expected.

Responsible for providing security advice in conjunction with respective site security controllers and the central Information Assurance team to installation staff, system users and IT Project teams.

Production and maintenance of security policy documentation for IT systems including: Security operating procedures, risk management accreditation document sets and code of connections; auditing and measuring system compliance with these documents. Ensure Site Coordinating Installation Design Authority (SCIDA) policies are adhered to and maintained to ensure certification is maintained. This includes updates to code of connection activities for legacy, third party and/or Picasso infrastructure.

Monitor the implementation of hardware and software changes and enhancements to ensure that maintenance is carried out without endangering security for Legacy and Picasso systems.

Assess IT compliance with policies and procedures, driving remediation where non-compliance exists, and imposing sanctions and restorative actions to regain compliance.

Essential Skills

The successful candidate will be an experienced IT Security professional, with working knowledge of HM Government standards including JSP440, JSP604 and Security Policy framework (SPF), HM Government Information Assurance standards and their implementation

Experience of producing security documentation including security operating procedures, accreditation document sets, RMADS and relevant interface code of connections.

Knowledge of Cyber Essentials Plus and National Institute of Standards and Technology (NIST-Cyber Security Framework, ISO27001/ ISO27005, National Cyber Security Centre (NCSC good practice guides and NCSC approved products) and Business Continuity practices ISO22301.

Strong technical domain expertise with IT infrastructure, networks, systems, and hosted services.

Strong communicator, confident building relationships with key customers.

Flexibility to travel and provide support across various locations.

This role requires the individual to hold or be able to obtain SC Clearance on acceptance of the position.

If you are interested in applying, please send your CV to Gemma Roberts for more information.

Similar jobs
View more similar jobs