Security IT Policy Consultant - SC Cleared at FCDO, Remote then East Kilbride, 6 Months, £Contract Rate

  • Contract Spy
  • Remote (East Kilbride, Glasgow, UK)
  • Apr 30, 2021
6 Months or more

Contract Description

SC Cleared – Security IT Policy Consultant (Outside IR35)


Location: Home based at present – Must be able to access one of 3 locations during the contract – London, Milton Keynes or East Kilbride

Do you have a valid and active SC Clearance? Are you an experienced Security IT Policy professional looking for a new contract opportunity? If so, PSR would like to speak to you!

As an SC Cleared Security IT Policy Consultant, your main responsibilities would be:

  • To align and integrate the IT security policies and processes of both legacy FCDO departments (FCO and DFID)
  • To carry out a review of the existing policy positions of the legacy departments and the formation of an FCDO Information Security Policy Toolkit that is clear, relevant and applicable to the current and future requirements of the department
  • Collate all existing policies, standards and guidelines from the two legacy departments and create a new single coherent set of documents covering the new FCDO as a whole
  • To develop key relationships with the teams for stakeholder engagement, application management and end user device management to ensure that the role holder understands what technology and applications the FCDO is rolling out


You’ll have:

  • A valid and active SC Clearance
  • Knowledge of the HMG Security Policy Framework, NCSC guidance and information security controls and a familiarity with UK legal and regulatory compliance requirements that could affect organisation security and assurance policies
  • Ability to draft accurate, easily digestible documents for a variety of audiences including IT security professionals, senior stakeholders, external IT contractors and end users (including country-based staff overseas for whom English is a second language)
  • Understanding of and/or experience of working with business engagement teams to deliver user-facing security outcomes.
  • Experience and understanding of threat environments
  • Ability to liaise with a variety of stakeholders across the two legacy departments



You will also have these Qualifications/Skills:

  • ISO27001 lead auditor or equivalent
  • Relevant industry qualifications and accreditations e.g. CISSP, ISO27001 Lead Auditor, CCP SIRA / IA Auditor

It would also be desirable to have:

  • Knowledge of the technologies used to deliver cloud-based services, digital web-based services and the security controls needed to protect these services and the data that they process and store.
  • A clear understanding of Information Security, risk management and experience of working with security audit techniques.