Information Assurance (Product Security) Lead

Northrop Grumman Sperry Marine,
London, Greater London
Salary: Up to £75,000 per annum + flexible working + benefits

Overview

Northrop Grumman Sperry Marine have an exciting vacancy for an Information Assurance (Product Security) Lead to conduct IA activities on a number of state-of-the-art defence projects and systems, based either at our Head Office in New Malden or at our office in Barrow-In-Furness, Cumbria.

A successful applicant will typically be able to demonstrate at least six years of experience within a Defence IA/Cyber environment and will be expected to:

- Be responsible for achieving accreditation for one, or more, products, in accordance with a JSP440 requirement;
- Create document sets (IAMP, RMADS etc.) in support of product accreditations;
- Generate policies, procedures and SyOps in support of product, project and site security;
- Be able to produce sensible, rational and comprehensible IS 1/2 Risk Assessments, including rational risk treatment plans;
- Enjoy, and be capable of, mentoring junior IA engineers in current and best practice for IA/Cyber;
- Support initiatives to embed IA culture within specific project teams and throughout the wider company;
- Support the Information Assurance Manager in discharging his/her security accountabilities, working across a variety of information and cyber security related topics;
- Communicate complex technical issues and solutions to non-technical stakeholders;
- Undertake occasional travel around the UK to suppliers and customers;
- Chair Security Working groups related to assigned products;
- Participate in a broad company security awareness program, generating ideas and producing content in order to provide orientation, educational programs, and on-going communication;
- Participate in Information and Cyber Security governance meetings as directed;
- Ensure excellent client service;
- Build strong and enduring relationships within the company and with our clients;
- Be a credible, charismatic and knowledgeable envoy for the role of IA/Cyber within a modern business.

Please note for this particular role, all candidates must be eligible for SC - UK EYES ONLY clearance and therefore be a sole British National passport holder.

Skills & Experience

Essential

- A demonstrable track-record of successful IA work within a defence domain;
- A broad information assurance mind-set, able to assimilate and consider issues from the technical, process and business perspective, supported by a pragmatic attitude to the implementation of security within a defence environment;
- A sound understanding of the procedures required to identify, quantify and address information assurance or cyber vulnerabilities within a product, project and organisation;
- Experience in the development and implementation of appropriate risk mitigation plans, policies, processes and technical controls;
- In-depth knowledge of HMG IS1/2 Risk Assessments (and subsequent Controls and Treatments);
- Excellent communication skills, both written and verbal;
- Experience with Cyber Essentials, DCPP, DEFSTAN 05-138;
- Ability to work unsupervised and to a high standard.

Desirable

- Experience with NIST 800 series, ISO/IEC 27005:2018;
- Qualifications include CISSP, ISO/IEC 27001 (LI or LA), former CLAS Consultant;
- GIAC / SANS certifications;
- Penetration Testing skills / certifications.