Job Title: Senior Cyber Security Architectural Lead
Location: Aldermaston, UK
Job Type: Full-time contract, 12 Months
Job Purpose:
• To provide specialist information security oversight, advice and guidance to Department’s projects and functions on all aspects of information security in order to provide assurance that
functions on all aspects of information security ie and/or classified information assets, materials and/or equipment are subject to an acceptable risk management regime.
Key Accountabilities:
• Provide analysis of risks to information systems in order to inform risk owners and project
managers to allow effective decision making.
• Provide expert subject matter advice to CISO and other elements of the IS management chain.
• Ensure IT projects are provided with timely technical security advice.
• Develop and apply the overall security architecture of the organisation and the place within in it of key security controls.
• Maintains and promotes high personal standards in environment, safety, health, security and quality and be a great team player.
Key Responsibilities:
• Work with functions, projects and the supply chain to assess the sources of Information Risk and make recommendations on how these are to be managed.
• Provide the Department lead for maintaining awareness of Govt. depertment and industry best practice in Information Assurance and Information Risk Management.
• Determine how the overall security architecture applies to projects under consideration and advise project solution architects on security requirements.
• Review high and low level solution designs for compliance with overall security architecture, achievement of security requirements and overall efficacy of the security features and tools.
• Facilitate the formal accreditation by Govt. depertment of Department corporate systems and of other specified Department systems.
• Provide an interface between Department and the National Technical Authority (NCSC).
• Oversee IT Health Check and Vulnerability Assessments by approving scope of tests and overall testing programme
• Record and track assessments of information capability and projects supporting reviews and audits as necessary.
• Provide technical risk assessment analysis.
• Develop the professionalism of Information Risk Management within Department.
• Attend project Security Working Groups and manage when appropriate.