Skip to main content

This job has expired

NIST Cyber Security Auditor

Employer
SPA
Location
Homeworking
Salary
Negotiable
Closing date
24 Nov 2020

THE OPPORTUNITY  

As a member of the wider MCR Global family, you will be joining our small, but rapidly expanding team of consultants here in the UK.  The opportunity is for a NIST Cyber Security Auditor to provide support to a Cyber Resilience Programme (CRP) which is a transformation programme focused on comprehensive change over 10 years.  A NIST Auditor is required to support the CRP on the Security Compliance Assessments project.  This opportunity is remote working with travel to London, Corsham and UK wide.  This opportunity sits inside IR35.

THE CANDIDATE

We are seeking a pro-active NIST Auditor who has demonstrable experience undertaking and developing cyber compliance assessments and is able to build strong working relationships with key stakeholders, including Ministry of Defence (MOD) Compliance teams.

THE ROLE 

  • Contribute to a reduction in MOD’s cyber risk exposure by undertaking NIST compliance assessments across the MOD Top Level Budgets (TLBs), identifying and driving improvement actions at both TLB and cross-Defence levels.
  • Work with key stakeholders including the MOD Governance Risk and Compliance (GRC) team within Cyber Defence and Risk (CyDR) and TLB cyber teams to mature the Cyber Compliance Framework and associated artefacts to enable an initial programme of TLB compliance assessments to be instigated in FY20/21.
  • Undertake the initial programme of cyber compliance assessments.
  • Develop recommendations for the enduring Cyber Compliance Assessments Service from FY2021/22 onwards.
  • Authoring and / or contributing to the following outputs:
    • Updating the Cyber Compliance Framework including:
    • Process
    • Compliance assessment lifecycle and timeline
    • RACI, and docking into existing wider governance mechanisms
    • List of standard artefacts for TLBs to produce
    • Updated Self-Assessment Questionnaire
    • Basic guidance (TLBs and Audit Teams)
  • Producing Compliance Assessment Reports
  • Produce aggregated Compliance Assessment analysis and reporting mechanism and dashboard
  • Offering recommendations for size of a sustainable Compliance Assessment Team and input to future make/buy strategy

ESSENTIAL REQUIREMENTS

  • NIST Cyber Security Professional – Practitioner Level
  • Experience of conducting security assessments including Information Security Management Systems (ISMS), encompassing risk assessments/management and the deployment of appropriate controls
  • Experience of working within Defence including a wide awareness of cyber security across government and industry to include; HMG information assurance policies, standards and guidelines, including the Security Policy Framework, the CESG IA Portfolio and JSP440 (plus other standard MoD IA methods)
  • Experience of working with the ISO27001 Standard
  • Cyber Certified Professional (CCP)
  • Excellent stakeholder engagement and communication skills
  • Minimum United Kingdom SC security clearance with no caveats (DV preferable)
  • United Kingdom national only (no dual nationality)

THE COMPANY

MCR, LLC, is the nation’s premier Integrated Program Management firm. Since 1977, we have delivered ground breaking cost/schedule analysis, acquisition management and program assessment solutions to help government clients success­fully deliver agile and creative programs. MCR’s 400+ professionals provide critical thinking and integrated solutions to customers, enabling them to more rapidly develop complex National Security Space programs.  We value integrity, excellence, honesty, service, and trust. It is through these values that we form long-term client partnerships, build expertise, and attract and retain hardworking employees.

EQUAL OPPORTUNITY EMPLOYER

MCR, LLC is an equal opportunity/affirmative action employer. We will consider you for employment without regard to sex, gender identity, sexual orientation, race, colour, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

For more information about MCR, LLC, career opportunities, please visit www.mcri.com.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert