Interim Security Assurance Co-ordinator (SAC)
Pay Rate: Up to £547 per day pay range subject to IR35 status
Please note: DV clearance is required.
The Security Assurance Coordinator (SAC) is a member of the Project Assurance Team. You will receive direction from the Accreditor, the Information Risk Owner (IRO), the Defence Cryptosecurity Authority (DCA), the Project Board, and the Project Manager. You must have a sound technical understanding of electronic security measures and how such systems employ any cryptographic security measures that may be implemented into the solution. You must have a good working knowledge of configuration management practices for Information Systems and you must be aware of the principles of Risk Management.
- Analysis of current status of the DEFENCE SHARE Service and Eracent Service and ensure the production of a fit for purpose Security Management Plan and Accreditation maintenance Strategy and/or other supporting documentation and evidence for the review and approval of the SWG as part of the accreditation process.
- Monitor the process of security assurance to achieve accreditation through the life of the service or system, ensuring that risk is appropriately managed through the SWG
- Ensure that security activity and deliverables are represented and resourced in the project/programme plan through-life.
- Any changes to the target(s) of accreditation, security activity and deliverables under configuration management and significant security changes are to be presented to the SWG for approval and reviewed regularly
- Chair the SWG to ensure appropriate stakeholders are informed of SWG decisions, support the review of formal documented minutes as produced by the Project
- Ensure the Accreditation Evidence Statement (AES) is scoped by the project to capture appropriate project requirements
- Ensure that the project/programme governance is in place including identified key security roles and appropriate escalation routes for risks and issues.
- Ensure the existence/production of a valid Risk Management and Accreditation Document Sets (RMADS) and any supporting documentation and evidence is produced as a project deliverable in line with JSP440 and JSP604
- Produce and maintain a security risk register to capture security associated risks and/ or issues affecting project/programme delivery to support risk mitigation.
- Ensure that relevant security policy is correctly applied
- Support to Design Authority Triage Meeting (DATM) and SACaas Workflow mgt process.
- Support to the ISS customer sentencing panel to support the SACaas Workflow mgt process
Essential Experience & Qualifications;
- Reviewing, writing and completing MOD IA documentation to enable the hosting environments, to be security accredited in line with MOD IA JSP 440 Policy and achieve approval to operate in accordance with MOD JSP 604 policy.
- Working within Security Policy & Requirements; JSP 440, JSP 604, etc. and client Security regime
- Producing, Reviewing, and Managing: RMADS, Technical Risk Assessments (TRAs)
- Providing technical security support on MOD/Government Projects, working to HMG Policy and Guidelines.
- Stakeholder Engagement; Chairing Working Groups with the ability to translate technical subjects to users at all levels,
- SIRA qualified, with supporting security certifications like; CISSP, CISSM, ISO27001, etc. or equivalent.
- Familiarity with providing guidance and support in documenting solutions in Risk Managed Document Sets, MOD IS Risk Balance Cases, Security Cases and other Adhoc documentation.
Please quote the Job Title & Vacancy Reference No. in your application, or we will be unable to match your CV to the role being applied for.
“Essential Requirements” – Please check to ensure that your CV addresses the following items:
- Our clients are generally seeking applicants who are reasonably local, not that they would exclude candidates willing to travel/relocate, so on that basis we would ideally like you to supply us with your address (or at least your post code) and a telephone number so that we can reach you during working hours
- Your recent UK working experience going back at least 5 years, or full employment history if you have been working for fewer years than this.
- Your availability to work either immediately, or at short notice.
- Qualifications and experience relevant to the job role – please give full details within your CV document.
- DV Vetting Security Clearance
Other preferable/desirable details to include on your CV, if applicable:
- Any local authority/public sector experience
- Any relevant qualifications held or being studied for
Interim Security Assurance Co-ordinator (SAC)