Site Security Controller – This role is full time onsite at DXC Farnborough / Mon-Fri office hours.
*Candidates must be a UK national/British citizen and have resided in the UK for the past 5-10 years to meet current SC and future DV security clearance requirements
*
The Site Security Controller (SSC) acts as the lead security representative for the Facility and functionally report to the Group Security Controller (GSC). The SSC is responsible for a dedicated DXC site but may also have security responsibilities for satellite sites in a wider geographical are
a.
The primary role of the SSC is to ensure their site(s) align with Government Functional Standards such as GovS 007 (Security) Industry Security Notices (ISN's) Facility Security Notices (FSN's) and comply with the DXC and UK Secure Accounts security policy with a focus on Protective Security, physical security policies, processes, procedures and activity that relate to certification for our HM Government sponsored faciliti
es.
The SSC also performs the role of site Crypto Custodian. The Crypto Custodian is responsible to the Group Security Controller for the safe custody, registration, mustering, amendment, issue, safe handling, arranging secure carriage and disposal of Cryptographic items held at their locati
**ons.
Responsibili**
* ties:Ensure that DXC, UK Secure Accounts and account-specific security policies relating to protective security are impleme
* nted.Produce, maintain, issue, and ensure compliance with local site security instructions or brief
* ings.Act as the principal security point of contact for the site during internal or external security au
* dits.Manage a local site Risk Register that covers physical and environmental security risks pertinent to the
* site.Manage a Surreptitious Threat Mitigation Process (STaMP) assessment for each secure area within the
* site.Maintain a register of all security cabinets on their
* site.Ensure that the combinations of secure cabinets are changed according to po
* licy.Perform an oversight of the operation and administration of site security equipment, including CCTV, alarm systems, locks, AACS, and any other equipment used for protective security purposes to ensure that they meet Secure Accounts requirem
* ents.Perform an oversight of guarding and reception serv
* ices.Implement and maintain a documented Automated Access Control System (AACS) security zoning policy and authorisation pro
* cess.Implement and maintain a documented Technology Zoning Policy for all UKSA areas on the site. Regularly review access lists to sensitive areas on
* site.Perform or supervise the registration and control of locally held classified as
* sets.Conduct musters and spot checks of classified as
* sets.Act as the on-site security contact for any changes to new or existing office space and the liaison with external authorities regarding any certification requirem
* ents.Ensure the processes for visitors to the site complies with both DXC security policy and Secure Accounts po
* licy.Investigate any reported security incidents in accordance with Security Incident Management policy and act as the escalation point as requ
* ired.Deliver security induction training to new star
* ters.Confirm that IT that is used on the site is accredited and operated in accordance with their respective System Operating Procedures (Sy
* OPs).Confirm that all security measures with respect to joiners, movers and leavers are carried out on the site including all passes and access rights being issued, amended or revoked in accordance with DXC and Secure Accounts poli
* cies.Maintain good working relationships with the Site Lead and other departments on the
* site.Maintain regular contact with local Counter Terrorism Security Adviser (C
* TSA).Perform any other security tasks directed by the
**GSC.
Crypto Responsibil**
* ities:Experienced with the minimum national and departmental baseline measures described in JSP 490 for the secure storage, handling, movement, and routine destruction of Cryptographic mat
* erial.Maintain an accurate and up to date system of Central Accounting for all Cryptographic items issued to their location using a register of Cryptographic items with supporting vouchers to record transac
* tions.Ensure that all personnel employed on COMSEC duties hold the appropriate level of ve
* tting.Issue Cryptographic items on loan to holders and users. Including issuing orders detailing the baseline security measures for the safe handling of Cryptographic items on loan, ensuring that all holders/users have signed and understood these o
* rders.To review the holdings of Cryptographic items at regular inte
* rvals.To comply with key management procedures relevant to their holdings as detailed in JSP 490 and company p
**olicy.
Required**
* Skills:Demonstratable experience of information and/or physical security controls in a Defence or Government capacity, including familiarity with the full range of associated guidance and policy documen
* tation.Ability to obtain National Security cle
* arance.Good Knowledge of NPSA, NCSC, HMG sta
* ndards.Good knowledge of ISO NIST Cybersecurity Framewor
* k (CSF)Good Analytic
* Skills.Ability to communicate well at all
* levels.Evidence of Attending a recognised Crypto Custodians course such as
* UKNDA.Experience of handling Cryptographic ma
terial.