Security Assurance Coordinator

Role Purpose

As the Security Assurance Coordinator, you will be responsible for the Co-ordination of security assurance activities for the organisation. The role will support the delivery of a variety of innovative, accreditable, cost efficient and profitable solutions to comply with HMG’s security classification system.

The Security Assurance Coordinator role will encompass two key areas of Information Assurance and Information Security. Implementing measures focused on protection and safeguarding of the Company’s critical information and relevant information systems, assuring the integrity, availability, authentication, confidentiality and non-repudiation. As well as the protection of information and information systems from illegitimate access, usage, revelation, alteration, disruption and destruction to achieve the objectives of data integrity, availability and confidentiality.

Role Responsibilities

Key responsibilities for this role may include:

• To co-ordinate the security accreditation and assurance processes for new and enhanced services which the organisation offers to our customers.

• To co-ordinate and support the organisation with the completion of IT Health Checks (ITHC)

• To co-ordinate and support with MOD and other authority assurance activities

• To support with the Completion of JSP processes

• To support junior members of the information security team.

• To support the Development and maintenance of our Information Security Management System (ISMS) to best support the Company’s activities, including Risk Management and Accreditation Document Sets (RMADS) and Company Security Policies.

• To examine any risks to the Company's information security and work with the Senior Information Security Manager to put policies and procedures in place to manage those risks.

• To work with the Senior Information Manager to develop, maintain and continually improve a set of controls and measures to manage any threats to information assets.

• Plan and maintain information security compliance activities with the variety of security requirements that the Company meets.

• Support with monitoring Information Assurance

• Coordinate and implement all protective security activities including physical security.

• Co-ordinate information governance, including annual Service assessments and risk management.

• Monitor the operation of the Company’s Information Security Management System

• Perform the role of Incident Manager during any security incidents and emergencies, ensuring that all business recovery/contingency plans and/or procedures are actioned accordingly.

• Co-ordinate investigations involving security; to prepare reports and note follow up action.

• Support the delivery of the Company’s Information Security awareness, education and training programme.

• Co-ordinate actions with appropriate suppliers, including consultants and service providers.

• Evaluating Information Assurance

• Represent information security on any relevant project workgroups and project boards.

• Co-ordinate a process of continual Audit, to ensure that compliance is maintained with the various requirements on the Company, and to support continuous improvements.

• Under the guidance of the Senior Information Security Manager, Co-ordinate periodic review of policies and procedures.

• Carry out Security exercises including NCSC Cyber in a box.

• Co-ordinate the completion of follow up actions.

Education and Experience Requirements

As the Security Assurance Coordinator, you will have/be:

• • Working towards or be qualified in CISSP/CISA/ CISM is desirable or equivalent professional experience.
• • Experience in risk and regulatory frameworks and standards, such as NIST, ISO27001, MOD JSP440, JSP604
• • Proven track record in Information Security and Assurance
• • Initiative and pro-activity, matched by an ability to be a strong member of a team.
• • Willingness to work flexibly in response to changing organisational requirements.
• • Solid communications skills - including the ability to influence employee behaviour and perceptions.
• • A keen understanding of technology and the ability to leverage this knowledge to implement effective security solutions.
• • Experience of managed service environments, with an awareness of ITIL best practice.

SecureCloud+ is an equal opportunities employer and does not discriminate on the basis of age, sex, colour, religion, race, disability, or sexual orientation. Our hiring decisions are based on an individual’s experience and qualifications for the job advertised.