Information Assurance Specialist

Information Assurance Specialist – up to £70k – Leatherhead area Our client is looking to expand their Information Assurance team and keen to speak with Information Assurance Specialists for this key role with in the IT Security Group which is a critical part to the success of the company. You will be providing security advice and guidance to the wider IT Department to support IT projects and change management and to the business with regard to accreditation, customer requests, service requests and general user queries You’ll also be providing effective security monitoring, testing and analysis of the wider IT infrastructure Key skills and experience • Understand the different compliance frameworks required by the business (including, but not limited to, ISO 27001, MOD DAIS, Cyber Essentials, MOD Cyber Profiles, , etc) • Engagement with the broader security industry and community to ensure the business is aware of current and future threats and is aligned with industry best practise. • Develop contacts with relevant IT Accreditors and key customer IT Security functions. • Review and update of the adequacy and completeness of IT Security documentation against changing customer and regulatory requirements including defence, civil nuclear, commercial, and data protection, and in the light of emerging risks. • Liaise with other governance process holders, both in the IT department and the wider business, to ensure security best practise is correctly included in applicable procedures. • Creation and maintenance of the IT security standards and other documentation to enable delegation of day to day IT security tasks to the IT Operations Group. • Provide advice and guidance to IT Department projects, reviews, change requests and development processes Requirements The Information Assurance Specialist will be familiar with the following: • Developing IT security department processes and procedures • Understanding and developing controls in line with ISO 27000, Cyber Essentials, CIS (SANS) cyber controls & CSA Cloud cyber controls • Conducting, or participating, in internal and external audit processes • Broad IT knowledge to be able to provide security input into a range of projects The successful Information Assurance Specialist will require a knowledge across the following: • Understanding and analysing system vulnerabilities • Identification of remediation activities, working alongside IT Operations and Infrastructure Groups • Understanding attack vectors and exploitation of vulnerabilities • Understand firewall, network and server logs • Network traffic capture and analysis. • Understand the features of modern security monitoring systems • The ability to analyse events and reported incidents Relevant cyber security qualifications are desirable, but not obligatory. Candidates will be assessed on their experience and capability. Relevant qualifications include: • 27000 Lead Implementer or Auditor • CISSP • SANS GCIA & GCIH • Certified Ethical Hacker (CEH) • CCSP People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas