Cyber Security Risk Manager Lead (MUST HAVE ACTIVE SC)
- Active SC Required
- INSIDE IR35
- Develop 'Secure by Design' protections
- UK Government experience
We are recruiting for a Cyber Security Risk Manager - Lead for Central Government client. The primary focus of the role is to provide the organisation with security advice and best practice to develop 'Secure by Design' protections for organisational assets and embed the Security Framework - principles; policies; processes; threat model; security risk management.
Key outcomes from the role are the identification of security risk within the business context, the identification of appropriate mitigation approaches for business selection and the management of these options through to implementation within the live service. The security advice provided will be informed by threat, vulnerability and risk analysis for business and third parties.
The focus, outcomes and responsibilities are aligned to the Government Security Profession framework of the Cyber Security Risk Manager and Security Architect.
- Knowledge of application, infrastructure and networking security controls and systems covering physical, procedural and technical (ICT) areas, particularly in relation to data management.
- Experienced in providing detailed security advice and technical security solutions in a UK Government Department.
- Knowledge of UK Government Security Policy Framework, Information Assurance Standards, e.g. ISO 27001, DPA.
- Working towards relevant professional qualifications and memberships e.g. Senior Practitioner level within the CESG Certified Professional scheme (CCP), SFIA Level 4-6, Institute of Information Security Professionals (IISP), British Computer Society (BCS).
- Working towards appropriate Cloud Security industry recognised qualifications e.g. Certified Cloud Security Professional (CCSP), CSA Certificate of cloud security knowledge (CCSK).
- Achieved one or more of the following Cloud service providers own technical qualifications;
- Google - Professional Cloud Security Engineer, Associate Cloud Engineer, Professional Cloud Architect
- AWS - AWS Certified Cloud Practitioner, AWS Certified Security - Specialty, AWS Certified Solutions Architect - Associate or Professional
- Azure - Microsoft Certified: Azure Security Engineer Associate
- Track record in working as part of a multi divisional team covering a multi-discipline environment.
- Work within a joint DevSecOps team, designing, delivering and managing secure Cloud systems.