Information Assurance Specialist
We are currently recruiting for an experienced IT Security professional to join our expanding team. This role would give you a varied workload with an opportunity to develop your career, become a technical expert and the go to for a range of products. The role can be based remotely with travel as and when required to our offices if this would suit you better.
The primary task of the roles is to ensure that the Information Security Architecture design manages risk while supporting the business needs, and identifies security capabilities that should be in place to appropriately protect the confidentiality, integrity and availability of Thales UK IT systems, facilities, and information (data).
- Support Thales UK in ensuring all technical security measures are enhanced and developed where necessary, to ensure successful and timely system accreditations and re-accreditations.
- Provide central point of contact for all technical security matters and concerns, supporting IS project teams and businesses throughout project lifecycles.
- Provide assurance and ensure successful and secure delivery of all Code of Connections (CoCos), associated cryptographic products, key material and required documentation.
- Responsibility for developing and implementing formal and regular technical risk assessments of Thales’ IS environments, recommending remedial action where required.
- Work collaboratively with technical project delivery teams to ensure proposed solutions provide the required level of security assurance in line with data processing requirements and Thales and customer risk appetites.
- Ensure that technical requirements for Thales assurance activities are delivered in the functional area in line with risk appetite.
- Devise, develop and maintain Information Security design principles and Technology Standards and requirements – To document and publish these Information Security Principles, Standards and requirements for use in the design and architecture of all Thales UK IT systems. Review new and proposed technologies to evolve the list of acceptable Technology Standards as required.
Skills and experience required:
- Evidential experience as subject matter expert in the evaluation and implementation of technical security products for Public or Private sector organisations across networking, infrastructure, applications and cloud technologies
- Evidential experience in assessing technical risk, review network security policies and procedures across networking, infrastructure, applications and cloud technologies.
- Evidential experience in performing formal risk assessments and production of Risk Management and Accreditation Documentation (RMADS) in line with UK Government policy.
- Network Infrastructure and Application vulnerability assessments, extensive experience of network design and CHECK scheme deliverables.
- Able to provide analytical advice on the security implications of new and existing systems/solutions and for all proposed changes to said systems.
- Able to interpret detailed system design documentation and identify all potential security risks, implement secure and appropriate security solutions.
- Quantifiable experience in fundamentals of all aspects of Security technical design
- Good understanding Enterprise Security products and vendors, including, IDAM, CASB, Cloud Vendors and Services, Gateway and end point protection solutions and services.