Operational Security Manager
- Public Sector Client
- Full Information Security Guidance
About Our Client
My client supports further education in England by ensuring people and businesses can access the skills training they need to succeed in playing their part in society and in growing England's economy. This is done in the context of policy set by government and informed by the needs of businesses, communities and regions, and sector and industry bodies.
- Take accountability for the successful execution of Digital and Technology (D&T) operational security.
- Ensure that the Security Policies, Processes and Procedures are fit for purpose and comply with government guidelines and best practice. Work with the Information Compliance and Security team to inform the Security Policies, Processes and Procedures.
- Ensure all stakeholders are aware of their security obligations; identify the security obligations that need to be included within contractual agreements.
- Use security governance and reporting to ensure all stakeholders are security compliant, including the identification and management of security risks. Work with the Service Management teams (internal and external) to lead on security audits and penetration tests, to guarantee adherence to security obligations. Ensure risks and issues and remediation actions are identified, prioritised, recorded, and progressed within an appropriate time.
- Manage and reduce the security debt backlog to address security vulnerabilities.
- Work with the Information Compliance and Security team and Senior Responsible Officer (SRO) to ensure the correct input into the Risk Management and Accreditation Documentation Set (RMADS) process; own the resolution of D&T output actions from the RMADS.
- Be an advocate for effective and efficient application of Cyber Security and Information Assurance across all services.
- Ensure that Business Continuity and Forensic Readiness plans are aligned with government standards and are maintained and tested periodically.
- Define and assure the security incident management process across the supply chain. Manage root cause analysis and implementation of security improvements for all security breaches.
- Represent at Security Working Groups. This will include governing the security assurance of services.
- Work with programme and project teams to understand security requirements and risk, and to ensure they understand and demonstrate security compliance.
- Work with HR and our ICT suppliers to ensure that ICT staff and contractors possess the relevant clearance and have information security awareness.
- Ensure that Physical and Environmental Protection is effectively managed to protect our ICT assets.
The Successful Applicant
You will have experience of government information security guidelines, policies, procedures and processes.
You will have worked with senior stakeholders.
You will have experience of RMADS.
Ideally you'll have experience of the public sector and of the education industry, although neither of these is essential.
What's on Offer
Contract until 31/3/17, with possible extensions.