Information Security Architect

Job Description

We are seeking an Information Security Architect who will play a key role with one of the leading UK Defence organisations.You will provide support to a range of Information and Communication Technology system design, integration and support projects within the Mission Systems Business UnitExperience of Information Assurance and security engineering within the MoD environment is highly preferable.Key Responsibilities:* Writing clear and comprehensive Risk Management Accreditation Document Sets (RMADS). * Providing Security Impact Assessment reports to mitigate specific security vulnerabilities/risks associated with an initial design or design change. * Developing HMG and MoD standard compliant technical system security architectures, and providing system design advice on the solutions. * Managing the security accreditation process for ICT projects. * Developing and undertaking the security aspects of a projects verification and validation testing. * Providing Information Assurance support to the wider business. * Providing support to new business development teams in the relevant professional area of expertise; to include provision of feasibility studies and support to campaigns. * Establishing technical relationships with partner contractors. * Represent the Company at industry and HMG events. Experience Required:* Working knowledge of Security Policy Framework and Information Assurance Standards, CESG Good Practice Guides, and MoD specific standards, in particular JSP440* A broad understanding of functional computing and networking environments,* A good understanding and experience of the principals of systems engineering as applied to large defence procurement programmes.* A knowledge of technology enabled controls, including several areas of deep domain knowledge preferably including Data Encryption (at rest and in transit), Authentication, Access Control, OS Hardening, Key Management techniques, Firewalls, Intruder Detection/ Prevention Systems, Protective Monitoring (including log collection and Security Information Event Management) and Anti-Virus. * A clear understanding of the effect system design and change has on the cost of development.* Domain knowledge in one or more of the following: Military Communications Networks (WAN & LAN) Electronic Warfare Systems Command and Control SystemsSoftware designOpen System Architecture Design & IntegrationEducation and Qualifications* Preference will be given to individuals who have achieved the current NCSC endorsed Certified Cyber Professional (CCP), or already meet the relevant criteria to be considered for the new specialisms route CCP has now embarked upon. Current criteria includesone of:* An NCSC-certified degree (undergraduate or postgraduate).* A valid certificate for Certified Information Systems Security Professional (CISSP), including full membership of (ISC).* A valid certificate for Certified Information Security Manager (CISM), including full membership of ISACA.* Proof of Full Membership (MCIIS) of the Chartered Institute of Information Security (CIISec).