Security Controller

Mastek (UK) Ltd,
Reading, Berkshire

Overview

Job Description

Reading based with travel

Role Description

The Security Controller is responsible for ensuring that security procedures are maintained in compliance with Government Security practices, including the Classifications scheme, List-X and departmental arrangements. These are to be continually improved and developed in accordance with good practice, legislative change and client policies and procedures.

This position will be the focal point for security management practices in the organisation, supporting existing secure services as well as being integral in assisting the development of new business opportunities and services. Duties will include the design and implementation of physical security controls; management of personnel security processes; implementation of information management policies; monitoring of secure services to ensure compliance; pro-active development of best practices; and maintaining a security awareness culture.

The Security Controller is responsible for interpreting, implementing and monitoring security controls for the appropriate protection of classified assets across a number of sites in the UK. This is an exciting position for an experienced security controller who is seeking new challenges to be part of a rapidly growing secure services organisation.

Skills and Qualifications

Essential:

* Proven experience in excess of 3 years of undertaking a similar role
* British UK resident with the ability to obtain relevant UK Government clearances
* In-depth understanding and experience of Security Policy Framework, Government Security Classifications, List-X and related processes
* Member of Defence Industry Security Association (DISA) or equivalent
* Experience in HMG Vetting processes and personnel security controls, working with National Security Vetting services to undertake security vetting for new starters
* Knowledge of physical security measures and controls
* Experience in developing, maintaining, and monitoring policies and procedures so that the business remains pro-actively compliant with current security guidelines and legislation
* Ensuring employees remain compliant with security clearance obligations through the required aftercare processes
* Knowledge and understanding of Cyber Essentials and Cyber Essentials Plus
* Experience in taking a pro-active lead in investigating security breaches
* Advising management and other senior stakeholders on the interpretation and implementation of relevant legislation, NCSC & CPNI guidance, HMG security controls and policies
* Detailed understanding of ISO 27001 controls, working closely with internal IT and ISO management teams
* Experience championing security training and awareness initiatives
* Flexibility to travel within the UK
* Excellent written and oral communication skills

Desirable:

* Knowledge of multiple public sector clients and specific standards and policies (e.g. Home Office, MOD, Police)
* Relevant certifications and qualifications
* Understanding of other relevant legislative compliance aspects (e.g. GDPR)
* Experience in undertaking the design of required security controls for new contracts or for the alteration/establishment of sites where classified assets are to be handled, stored or produced
* Experience in undertaking similar roles in the delivery of Critical National Infrastructure and List X services
* Awareness and understanding of public cloud security controls and accreditation processes
* Supporting presales activities when required in defining the information security response to potential UK Government clients