Raytheon Technologies
,
Gloucester, Gloucestershire
Information Assurance Consultant (Cyber Innovation Centre)
Overview
Job Description
Job Title : Programme Information Assurance Consultant Grade: G09 Location : Gloucester Overview : The Information Assurance (IA) consultant is a critical role within the Cyber and Intelligence (C&I) business unit. Reporting to the C&I Information Security Lead, you will be responsible for ensuring programme (single-site) information assets are protected through policy, procedural and technical enhancements. Comfortable working in a matrix management organisation, you will act as the trusted advisor to the programme account director and other internal stakeholders by ensuring industry best practice and customer security requirements are implemented with regards to IA, cyber security and risk management. Summary of Role : Responsible for providing authoritative IA advice programme and corporate staff. Responsible for ensuring all programme information assets are identified, categorised and protected based on their intrinsic value and classification. Responsible for driving through personal accountability for the handling, processing and storing of customer, programme and corporate data. Responsible for authoring and maintaining the programme risk register, ensuring risks are managed and/or escalated based on risk tolerance and risk appetite. Responsible for ensuring all accreditation documents are authored, approved, baselined and maintained. Responsible for ensuring programme IA policies are authored, approved, baselined and maintained. Responsible for engaging with 3 rd party suppliers to scope, manage and report on IT Health Check results, ensuring that vulnerabilities and risks are remediated efficiently and effectively. Responsible for ensuring programme staff have read, understood and signed the programme Security Aspects Letter (SAL). Responsible for authoring monthly IA metrics, required to satisfy customer contractual requirements. Responsible for chairing Security Working Groups (SWG), ensuring matters arising are actioned in a timely manner. Responsible for managing and resolving all IA security breaches, ensuring that internal and external reporting is conducted in accordance with local working practices. Assume responsibilities of the Deputy Cryptographic Custodian, providing support to the Custodian on behalf of the programme and customer. Assume responsibilities of the Deputy STRAP Security Officer (STRAPSO), supporting the STRAPSO on behalf of the programme and customer. Conduct internal IA audits to ensure the programme ISO 27001 certification is maintained. Supporting the C&I Information Security lead in wider business requests. Ideal Candidate : BSc. Information Security or 3+ years' experience in a programme security environment. Professional certifications in Information Security (e.g. CISSP, CISM, CRISC, ISO 27001). Demonstrable knowledge of HMG Security Policy Framework, ISO 27001 and NIST controls. DV clearance, or the willingness and ability to become DV cleared. Strong communication (i.e. oral, presentational and written) skills. Highly organised, discrete, outcome focussed, with a "can do" attitude. Standard Benefits: 25 days holiday + statutory public holidays Contributory Pension Scheme (up to 10.5% company contribution) 6 times salary 'Life Assurance' Flexible Benefits scheme with extensive salary sacrifice scheme's. Enhanced sick pay scheme Enhanced Family Friendly Policies, including enhanced Maternity & Shared Parental leave. 37hr working week, with an early finish Friday (hours may vary depending on role, job requirement or site specifics arrangements). Flexible working arrangements can be considered depending on the role and subject to line manager approval. Canteen facilities available at Harlow & Glenrothes sites and Manchester & Gloucester offer free snacks & drinks (hot & cold) available. Diversity: Diversity is a core business imperative at Raytheon. We are an equal opportunity employer that promotes inclusiveness and always employs the best professionals for the job. Having a diverse workforce allows Raytheon to draw upon a range of different ideas and experiences which supports growing our business and creates an environment where everyone has an equal opportunity for success. Raytheon UK pro-actively encourages diversity of ideas, thoughts, and networking opportunities and has created Employee Resource Groups (ERGs) including Raytheon Women's Network, YesNet (Young Employees Success Network), Raytheon Reservist Network (RaRe), Raytheon Alliance for Diverse Abilities (RADA) and all work together with our Diversity & Inclusion counsel, and all Raytheon employees are welcome to participate regardless of their background. As a proud contributor to the HM Armed Forces, Raytheon UK signed the HM Armed Forces covenant in 2014. Due to the varied activities and support to our Armed Forces & Reservists, Raytheon UK has since been awarded the prestigious Covenant 'Gold Award' Employee Recognition. Raytheon UK recognise that our people are the critical factor in our success, an