Please note that for this role all applicants must be SC security cleared and be British passport holders (no dual citizenship).
We’re looking for an Information Assurance Manager to be solely responsible for ensuring that accreditation of a system using COTS PLC and SCADA technologies is achieved against JSP440.
Key responsibilities include:
• Establishing guidelines and policies surrounding risk and security
• Audit work undertaken against agreed management plans, procedures and policy
• Audit current and future commercial off-the-shelf (COTS) based PLC and SCADA systems
• Working with the engineering teams to implement the right security strategy
• Monitor selected COTS hardware and software for any suspicious behavior or traffic
• Document best practices for security and information assurance based on business and user requirements
• Responsible for production of RMADS to support accreditation against JSP440
• Chair security working groups with internal stakeholders, customer, end user and accreditor
• Planning IA activities to support system engineering design reviews, software design reviews and software delivery
• Mentoring engineers in IA best practice and embedding an IA culture
• Functional management and mentoring of a graduate IA engineer
• Working within a multi-disciplined team including project managers, supply chain, software engineers, hardware engineers, safety engineers and quality engineers
• Support to new bids and proposals for future opportunities
• Conduct penetration testing to find exploitable weaknesses
• Occasional travel around the UK to suppliers and customers
For this role the ideal candidate would have:
• Ability to use HMG Standards, including Information Assurance Standard 1 and 2 for technical risk assessment and creation of Accreditation documentation.
• Have worked with and implemented:
- HMG Departmental Policies and Publications such as MoD Joint Service Publications.
- CESG Good Practice Guides and other CESG guidance.
- Cabinet Office Policies such as the Security Policy Framework.
- Systems in high impact level environments, including achieving full IA Accreditation.
• Used HMG Approved hardware devices such as Data Diodes and Enhanced grade encryption devices.
• Familiarity with personal computer lockdown techniques using domain based technologies.
• Security Cleared or be prepared to undergo a Security Clearance.
• Good presentation and customer-facing skills, including working on Security Working Groups.
• Collaborative working to resolve conflicting requirements
• Understanding of systems engineering lifecycle and how to apply this to IA
• Communication of complex technical issues and solutions to non-technical stakeholders
This role would be suitable for:
• An experienced Security Architect who was also a CESG Listed Advisor Scheme (CLAS) member and is now a CESG Certified Professional (CCP).
• Information Assurance (IA) practitioner.
• Experienced ISO27001 practitioner, including creating Statements of Applicability.
• Someone who has an understanding of Cryptographic techniques and technologies.
Ideally, the candidate would be:
• A member of an IA group such as the Trusted Security Advisor Register (TSAR).
• A member of an IA related professional body such as IISP, APM Group or BCS.
• Familiar with Network Penetration Testing using manual or automatic methods including tools such as the US DoD Cyber Security Evaluation Tool.
• Experienced in maritime environments.
• Experienced in Industrial Control Systems environments.
As well as a competitive salary, we also offer a flexible benefits package including flexible working, private healthcare and pension.