Information Assurance Specialist

Qt Group
Belfast, United Kingdom
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Belfast, United Kingdom

Tech stack

Software System Penetration Testing
Computer Security
Dart

Job description

The Cyber Security Governance & Assurance Specialist executes a range of workstreams that contribute to the overall cyber security risk management program of BT Group and BT Group's customers, which is designed to ensure that their technology systems and data are adequately protected.

  • Identify and understand all elements of contractual security obligations for specified Customer Contracts.
  • Deliver and verify the implementation of end-to-end security services as defined within specified customer contracts.
  • Deliver and implement ISO27001 compliant security strategies, policies, procedures, processes, threat identification & responses that provide wrap-around security services and solutions for a Customer service.
  • Manage operational risks related to people, information, assets, revenues and reputation and ensure compliance with relevant security requirements, typically: National Government regulations, Contractual Obligations, company security and business continuity policy.
  • Monitor and manage third party supplier compliance to the flow-down of contractual obligations from BT.
  • Monitor and manage Programme security awareness.

What you'll be doing

  • Manage and maintain Security Governance, Risk and Compliance for specified Customer Contract(s).
  • Manage Security Obligations for the Customer Contract(s) and ensure they are reviewed on a regular basis and, where not compliant, that appropriate mitigation is in place or contract risks are raised.
  • Manage, implement and measure the effectiveness of the Security framework, processes, and plans for the contract that support the security strategy and policy, taking into account risks and appropriate legal/regulatory constraints.
  • Support and where applicable take ownership of customer specific elements of security strategy development and deliver within the agreed timescales.
  • Monitor and manage the effectiveness/certification of the contract as required (e.g. ISO27001, CE+, DART compliant service) by managing and monitoring compliance with the above certifications.
  • Monitor and manage customer pen testing, ITHCs and associated remediation; drive and deliver security test plans.

Requirements

Do you have experience in time management?

  • Achieve and maintain Security Clearance as defined in the contract.
  • Excellent commercial awareness and customer facing skills
  • Excellent interpersonal and communication skills
  • Ability to make effective decisions and plan accordingly
  • Excellent time management and prioritisation
  • Understand the application of frameworks ISO27001, Security Policy Framework.
  • Good level of knowledge of Security Architecture, Design, and operational processes.

The experience you will be expected to have

  • Have a proven track record in security management (3-5+ years)
  • Have demonstrable experience implementing and managing security frameworks (e.g. ISO 27001, CE)