IA Senior Specialist

IA Senior Specialist

IA Senior Specialist
Location: South West
Salary: £35,000 - £45,000
# of openings: 1



Description

The Information Assurance (IA) Senior Specialist role includes responsibility and taking the lead for all aspects of security involved in protecting BT and its customers from cyber attack and compromise of information assets. The role will provide BT senior managers and Board members with assurances and evidence that security risks have been identified and are being managed appropriately. The role will deliver information assurance by leading risk assessments and compliance reviews across BT, often with a focus on the use of third parties and third party access to BT and BT customer information. IA studies and investigations will be delivered through project management and line and matrix management of team members from across BT. Travel (national and potentially international) is required. The role will require that a UK Government security clearance is gained and maintained.

Principal Responsibilities:

*Providing consultancy, advice and support on all aspects of information security and information assurance to BT stakeholders across the Business

*Providing the lead for vulnerability, impact and risk studies for all aspects of information confidentiality, integrity and availability

*Engaging with stakeholders across the Business to identify, qualify and quantify security risks and agree proposed mitigation controls and plans

* Ensuring security risks and controls are managed within appropriate governance and compliance frameworks

* Providing assurances to BT senior management and Board members that BT is managing information confidentiality, integrity and availability to appropriate standards


* Engaging with suppliers and third party vendors to ensure compliance with BT’s security policies and UK legal and regulatory requirements

* Providing the security lead for technical, procedural and personnel security advice and requirements

* Managing a team of skilled security consultants/specialists - via line and/or matrix management, where appropriate

* Providing input to the strategic direction of cyber and information assurance services and owning and maintaining the design of specific services

*Providing the lead for resolving security escalations and investigations

* Planning and delivering security risk assessment and compliance review reports and presentations

* Identifying security awareness and training programmes.

Person Specification:Essential Skills & Experience:
* Skills
* Very good negotiation and people skills
* Very good report writing and presentation skills
* Very good knowledge of security risk management techniques and methods, including vulnerability and impact analysis
* Very good knowledge of security compliance and audit techniques and methods
* Very good knowledge of BT security policies, processes and procedures
* Good organiser
* Good knowledge of UK data protection standards
* Good ability to build effective working relationships with customers and suppliers
* Good ability to work at senior management and board level and senior customer and supplier level
* Experience
* Extensive experience of security risk management techniques and methods
* Significant experience of operational security management techniques
* Significant experience of IS0 27001 standards
* Experience of working with third parties
* Experience of project management and matrix management techniques
* Experience of system security design and implementation techniques
* Experience of working with HMG customers and security requirements
Desirable Skills & Experience:
* Skills
* Knowledge of consultancy techniques and methods
* Experience
* Appreciation of networks, systems and application security standards