Security Assurance Consultant - SC Cleared at Ministry of Defence, London/Remote, 8 Months, £Contract Rate

  • Contract Spy
  • Hybrid (London, UK)
  • Sep 18, 2024
6 Months or more Finance

Contract Description

The Ministry of Defence (MOD) is a central government department with a mission to protect our country and provide the ultimate guarantee of its security and independence, as well as helping to protect its values and interests abroad. To do this we have an annual budget of almost £40 billion and a workforce comprising 193,000 people, almost 59,000 of whom are civilians. We currently manage more than £11 billion of spend every year.

Our work really matters; we offer engaging roles which have a direct impact on the quality of services we provide. We employ people in many different roles and in many locations across the UK and abroad. We have jobs in policy, finance, HR, IS/IT, commercial and project management and all the types of jobs you would expect to find in a government department, or indeed in the private sector. We also employ doctors, dentists, teachers, police, fire service, quantity surveyors, and engineers to name a few. There are many opportunities to develop and progress both within MOD and across the wider Civil Service, whether you're a permanent appointee or an interim.
 
As a SAC security consultant, you will be responsible for providing security assurance and risk management support to various projects and programmes within the Defence Artificial Intelligence Centre (DAIC). You will act as the main focal point for all security assurance related tasks, working closely with service managers, stakeholders, technical teams and other security professionals. You will also facilitate security working groups, review and assess security controls, produce and maintain security documentation, and support the assurance process under Secure by Design.

You will contribute to the development and review of security documentation and security-relevant design documentation, the assurance of the required deliverables, and the assurance of the IA evidence in the form of documentation, processes, test plans, reports, and risk management activities to the Security Working Group, SRO, Project Board and Assurer, to meet objectives defined in work packages and measured key deliverables and associated KPIs for Gen AI delivered projects.

As a Security Assurance Consultant, your main responsibilities will be:

  • Conduct security risk assessments and advise on risk mitigation strategies for DAIC projects and programmes
  • Define and implement technical and non-technical security controls in accordance with DAIC policies and standards
  • Produce and maintain security documentation such as risk management and assurance document sets, security operating procedures (SyOPs), security test plans, etc.
  • Establish and chair security working groups to coordinate security activities and resolve security issues
  • Liaise with MoD authorities, assurance, and other external parties on security assurance matters
  • Monitor and report on the security status and performance of DAIC services and systems
  • Support the continuous improvement of security assurance processes and practices within DAIC

Essential:

  • Valid SC clearance as a minimum, with the ability to obtain higher clearances if required
  • CCP Senior SIRA or equivalent certification, for example CISSP or UK Cyber Security Council Chartership
  • Minimum of 5 years of experience in information security roles
  • Demonstrable experience in delivering information risk management and governance, risk, and compliance (GRC) services to large and complex organisations
  • Demonstrable experience in defining and implementing security controls for various platforms and technologies, such as cloud, network, application, etc.
  • Excellent understanding of the vulnerabilities and threats that exist within modern ICT and how to mitigate them
  • Thorough knowledge of MoD security policies and standards, such as JSP 440, JSP 604, etc.
  • Thorough knowledge of MoD assurance process and requirements, such as Secure by Design
  • Experience of working with civilian, military, and contractor staff within the MoD and wider defence industry
  • Excellent communication, presentation, and stakeholder management skills
  • Ability to work independently and as part of a team

Desirable:

  • Experience of working with security frameworks and standards, such as NIST 800-53, CIS Top 18 CSC, ISO 27001, etc.
  • Experience of using security tools and techniques, such as vulnerability scanning, penetration testing, etc.
  • Experience in securing Generative AI systems and modern software development practices
 
Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident

As a member of the Disability Confident Scheme, the MOD guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

Armed Forces Covenant

MoD JFC guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.

In applying for this role, you acknowledge the following: "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different."