InfoSec Engineer required to provide Support to Information Security Risk Analysis and Risk Treatment for systems developed and delivered by the client, responsible for the promotion and realisation of the InfoSec strategy on given projects.
The contract is for 6 months initially (on-going thereafter) with a competitive hourly rate offered.
Typical activities will include:
- Involvement in entire systems engineering life-cycle of delivered systems including specification of security requirements, development of security architectures, reviewing design and implementation, specification of verification requirements and review of verification outputs.
- Development of Risk Management and Accreditation Documents for delivered systems in accordance with UK MOD requirements.
- Application and interpretation of HMG and MOD Infosec Policy.
- Support to client use of HMG security evaluation schemes such as IT Health Check, CAPS. - Contribution to and conduct of trade studies related to security.
- Assist in the integration of Infosec activities with system engineering and design programs to ensure the timely delivery of material supporting the security case.
- Liaison with customers, accreditors and technical authorities.
The successful candidate will have the below skills/experience:
- Demonstrable knowledge of systems engineering, electronics principles and software technology and development principles as applicable to system development projects.
- Demonstrable knowledge of the application of HMG and MOD Infosec Policy and Guidance.
- Exposure to generation of Risk Management and Accreditation Documents. General: - Experience of product / systems development environment.
- Ability to work as part of a multi-disciplinary team.
- Effective written and verbal communication skills with ability to adapt message content depending on audience or stakeholder set - Ability to discern the key technical, commercial, and programme influences from available noisy information
- Systems thinker and systems engineering experience.
Candidates must be willing to undergo the security vetting procedure.