Job Details

Security Risk Assessor - inside IR35

London, Southend-on-Sea, United Kingdom, £653 , Contract

Posted: 4 days ago


We are heading up a recruitment drive for a global consultancy that require a Security Risk Assessor to join them on a major government project that's based in Southend.

Role Title: Security Risk Assessor
Location: Southend-on-Sea
Duration: 6 months
Rate to SSC: £653
InScope of IR35

Role Description:

The role is to work client side for HMRC within the Security team on the Customs Declaration Service.

The role of the Security Specialist is to provide engagement level expertise, advice and guidance to HMRC and Capgemini stakeholders. Typical activities will include governance over engagement risk assessment activities and supporting the identification of business impacts and security requirements (as required by HMRC). The Security Specialist will provide advice and guidance on compliance with HMG policy, standards and best practice. Provide technical advice and guidance on compliance with formal HMG assurance requirements and best practise. They will convert identified risks & vulnerabilities into security requirements, and security requirements into solutions. They will provide advise on risk mitigation strategies, scoping of vulnerability assessments & interpretation of results to ensure a security strategic fit of the solution. The Security Specialist is accountable for the identification of appropriate countermeasures to address identified deficiencies and for delivering advice and design solutions with reference to policy and good practise. They are responsible for defining, implementing and communicating all project security objectives within assigned projects to key stakeholders, from Discovery through to the delivery of a solution.

Typical aspects of this role include, but are not limited to, the following:
Advice & design services for stakeholders.
Security content of Project technical documentation.
Security content of Proposal documentation.
Vulnerability assessment scoping and results interpretation.
All Security Consultancy activities for assigned projects.

Key responsibilities include but are not limited to the following:
Develops and communicates corporate information security policy, standards and guidelines. Contributes to the development of engagement strategies that address information control requirements. Identifies and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks. Leads the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions eg legal, technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.
Leads the development of architectures for complex systems, ensuring consistency with specified requirements agreed with both external, and internal customers. Takes full responsibility for the balance between functional, service quality and systems management requirements within a significant area of the organisation. Establishes policy and strategy for the selection of systems architecture components, and co-ordinates design activities, promoting the discipline to ensure consistency. Ensures that appropriate standards (corporate, industry, national and international) are adhered to. Within a business change programme, manages the target design, policies and standards, working proactively to maintain a stable, viable architecture and ensure consistency of design across projects within the programme.

The scope of the Security Specialist role includes but are not limited to the following:
Has defined authority and responsibility for a significant area of work, including technical, financial and quality aspects. Establishes engagement objectives and delegates responsibilities. Is accountable for actions and decisions taken by self and subordinates.
Influences policy formation on the contribution of own specialism to business objectives. Influences a significant part of own organisation and influences customers/suppliers and industry at senior management level. Makes decisions which impact the work of employing organisations, achievement of engagement objectives and financial performance. Develops high-level relationships with customers, suppliers and industry leaders.
Performs highly complex work activities covering technical, financial and quality aspects. Contributes to the formulation of IT strategy. Creatively applies a wide range of technical and/or management principles.
Absorbs complex technical information and communicates effectively at all levels to both technical and non-technical audiences. Assesses and evaluates risk. Understands the implications of new technologies. Demonstrates clear leadership and the ability to influence and persuade. Has a broad understanding of all aspects of IT and deep understanding of own specialism(s). Understands and communicates the role and impact of IT in the employing organisation and promotes compliance with relevant legislation. Takes the initiative to keep both own and subordinates' skills up to date and to maintain an awareness of developments in the IT industry.

Cloud technologies

Cloud technologies

Monitoring of compliance with the controls that in the Development and Deployment processes and tools

JIRA and Confluence

2 years + years experience on working on security projects

Desirable personal skills include but are not limited to:

Work collarbortively with the rest of the Security team and the wider HMRC programme team

Support the Security team as necessary

A can do and proactive attitude

Good written and verbal communication skills; Problem Solving and creativity skills; Honesty and integrity.

Knowledge of HMRC business

Preferable: CCP SIRA accreditation

Job Details

London, Southend-on-Sea, United Kingdom