Cyber Security Governance & Assurance Specialist
Role details
Job location
Tech stack
Job description
BT's Defence security team are seeking an experienced Technical Security and Information Assurance Specialist to support the development and operational environments for sensitive customers. This role is pivotal in ensuring solutions are Secure by Design, ensuring compliance with frameworks, policies, standards and legislation and able to review cloud, hybrid, networking and on premise architectures.
You will act as a trusted security authority, working closely with engineering, operations, architects, customers, assuring bodies to identify threats, manage risk and assure systems throughout their lifecycle.
What you'll be doing
- Using your experience and industry knowledge, you'll provide thought leadership and work with new technologies to help shape BT's future secure offerings
- Work with the existing teams, including technical and business development leads to understand security requirements, provide assurance and ensure security is embedded from the outset and maintained through-life
- Provide support to our sales and win-new-business teams to ensure security deliverables are planned and aligned to other schedules
- Undertake threat and risk assessments
- Select and apply proportionate and effective security controls from baseline control sets
- Provide security leadership and assurance for BT Defence
Requirements
Do you have experience in WAN?, PLEASE NOTE BEFORE APPLYING: Role requires SC (Security Clearance) Minimum 5 years UK working history, * Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum) Sole UK Nationality
- Have a proven track record in security and information risk management
- Demonstrable understanding of cloud and hybrid security architectures, including on-premise and distributed cloud models
- Strong network security knowledge, covering WAN, LAN and WLAN
- Have excellent verbal and written communication skills
- Have experience producing and presenting security documentation (Security Management Plans, Security Cases, SyOPs etc), * Be experienced in working in major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies
- Experience that include working with emerging technologies such as Kubernetes containerisation, cryptographic solutions and boundary protection technologies
- Have knowledge and experience of Cyber Security Model, Defence Conditions and Defence Standards such DEFCON 658, DEFSTAN 05-138 and production of Cyber Implementation Plans (CIP)
Benefits & conditions
Pulled from the full job description
- Annual leave
- Employee discount
- Company pension
- Paid volunteer time