The role
As an InfoSec Assurance Manager, you’ll have a role that is out of the ordinary, You will be part of the Info Security team which is part of the UK Security Services team at QinetiQ. This team is the central authority for all aspects of UK information assurance and security, focused on establishing and embedding policy and verifying that those policies are appropriately applied.
Day-to-day, you will review and approve installation designs for corporate infrastructure IT and business unit networks/mission systems and carry out inspections on completion, across multiple sites and locations. Ensure that installations are compliant with good engineering practices, health and safety and adhere to JSP604 Leaflet 4800. In addition to this, carry out spot checks and audits of Corporate Network Equipment Rooms (NERs) to ensure continued compliance.
You will also provide technical and security-centric advice and guidance to UK Sectors. Advise on compliance against QinetiQ policies and relevant MOD and HMG standards and policies. Manage the operation of and undertake TSCM (Technical Surveillance Counter Measures) sweeps and physical searches on a scheduled plan basis and as requested prior to meetings and/or trials. Assist in the procurement and bid process through the implementation of DCPP (Defence Cyber Protection Partnership) submissions for business development in the successful award of future MOD contracts.
In this position you will:
1. Work closely with UK Security Services teams and MOD SCIDA (Site Co-ordinating Installation Design Authority)
2. Ensure all installations are completed to an acceptable standard and follows QinetiQ Good Engineering Practices
3. Work on projects for new installations, ensuring that configuration control is maintained
4. Utilise the QinetiQ InfoSec SCIDA database (or similar) as a record of the installation in managing the Change Control Process.
5. Administration of the SCIDA queue in Cherwell including backend administration of tickets when closed to make sure all Data Centres, MNERs and NERs are compliant
Essential experience of the InfoSec Assurance Manager:
6. Good working knowledge of MOD Installation Standards Policy and governance of the physical and environmental aspects of MOD ICT to ensure compliance with the Government Functional Standard GovS 007: Security
7. Good working knowledge of MOD documents including JSP604 Leaflet 4800 and SDIP 29.
8. Good working knowledge of HMG Information Security & Information Assurance policy and processes
9. Good working knowledge of security issues and procedures both physical and IT related
10. Good working knowledge of commercial IT related standards (e.g. ISO 27001 series, UK NCSC Cyber Essentials, NIST Cybersecurity Framework)
Qualifications for the InfoSec Assurance Manager:
We value difference and we don’t have a fixed idea when it comes to background or education, provided you can show the required level of experience and willingness to learn then we would like to hear from you.
Our Benefits
11. Adaptive and flexible working
12. Generous holiday allowance
13. Health Cash Plan, Private Medical Insurance and Dental Insurance
14. Matched contribution pension scheme, with life assurance
15. Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more.
16. Holiday Trading is a benefit that allows most employees to buy up to 5 days’ additional leave.
17. We are proud to support the Armed Forces community by honouring the Armed Forces Covenant.
18. Payroll Giving and Volunteering - helping charities and local community.
Our volunteering programme enables our people to use their professional skills to make a positive difference in our local communities, for example STEM (Science, Technology, Engineering and Maths) ambassador days in schools. We support a number of charities that are important to our people, including those which help the defence community.