Job Details

Security Risk Specialist

London, Essex, United Kingdom, Contract

Posted: 4 days ago


Security Risk Specialist

Whitehall Resources are currently looking for a Security Risk Specialist

This role will be Inside of IR35, so you would be required to use an Umbrella Company.

Key Requirements:

- The role of the Security Specialist is to provide engagement level expertise, advice and guidance to stakeholders.
- Typical activities will include governance over engagement risk assessment activities and supporting the identification of business impacts and security requirements.
- The Security Specialist will provide advice and guidance on compliance with policy, standards and best practice.
- Provide technical advice and guidance on compliance with formal assurance requirements and best practise.
- They will convert identified risks & vulnerabilities into security requirements, and security requirements into solutions.
- They will provide advise on risk mitigation strategies, scoping of vulnerability assessments & interpretation of results to ensure a security "strategic fit" of the solution.
- The Security Specialist is accountable for the identification of appropriate countermeasures to address identified deficiencies and for delivering advice and design solutions with reference to policy and good practise.
- They are responsible for defining, implementing and communicating all project security objectives within assigned projects to key stakeholders, from Discovery through to the delivery of a solution.

Key Responsibilities:

- Typical aspects of this role include, but are not limited to, the following:
* Advice & design services for stakeholders.
* Security content of Project technical documentation.
* Security content of Proposal documentation.
* Vulnerability assessment scoping and results interpretation.
* All Security Consultancy activities for assigned projects.
- Develops and communicates corporate information security policy, standards and guidelines.
- Contributes to the development of engagement strategies that address information control requirements.
- Identifies and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks.
- Leads the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions eg legal, technical support.
- Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.
- Leads the development of architectures for complex systems, ensuring consistency with specified requirements agreed with both external, and internal customers.
- Takes full responsibility for the balance between functional, service quality and systems management requirements within a significant area of the organisation.
- Establishes policy and strategy for the selection of systems architecture components, and co-ordinates design activities, promoting the discipline to ensure consistency.
- Ensures that appropriate standards (corporate, industry, national and international) are adhered to.
- Within a business change programme, manages the target design, policies and standards, working proactively to maintain a stable, viable architecture and ensure consistency of design across projects within the programme.

Key Experience:

- Has defined authority and responsibility for a significant area of work, including technical, financial and quality aspects.
- Establishes engagement objectives and delegates responsibilities.
- Is accountable for actions and decisions taken by self and subordinates.
- Influences policy formation on the contribution of own specialism to business objectives. Influences a significant part of own organisation and influences customers/suppliers and industry at senior management level.
- Makes decisions which impact the work of employing organisations, achievement of engagement objectives and financial performance.
- Develops high-level relationships with customers, suppliers and industry leaders.
- Performs highly complex work activities covering technical, financial and quality aspects. Contributes to the formulation of IT strategy.
- Creatively applies a wide range of technical and/or management principles.
- Absorbs complex technical information and communicates effectively at all levels to both technical and non-technical audiences.
- Assesses and evaluates risk.
- Understands the implications of new technologies.
- Demonstrates clear leadership and the ability to influence and persuade.
- Has a broad understanding of all aspects of IT and deep understanding of own specialism(s).
- Understands and communicates the role and impact of IT in the employing organisation and promotes compliance with relevant legislation.
- Takes the initiative to keep both own and subordinates' skills up to date and to maintain an awareness of developments in the IT industry.

Key Skills:

- Monitoring of compliance with the controls that in the Development and Deployment processes and tools.
- JIRA and Confluence.
- 2 years + years experience on working on security projects.
- Work collarbortively with the rest of the Security team and the wider HMRC programme team.
- Support the Security team as necessary.
- A "can do" and proactive attitude.
- Good written and verbal communication skills; Problem Solving and creativity skills; Honesty and integrity.

All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.

Job Details

London, Essex, United Kingdom