Information Assurance Manager
The Merlin Delivery Team is part of the Helicopters Operating Centre based at the Leonardo Helicopter site in Yeovil.
Join an integral part of the UK's Defence and play your part in the procurement and in-service support of all our armed forces' equipment, from fighter jets, armoured vehicles, submarines and aircraft carriers, to clothing, food, and ammunition. If you have the pride, passion and commitment to be part of an exciting organisation at the forefront of supporting our country's armed forces deliver on operations at home and abroad, then apply online now!
The Team is responsible for the management of the Royal Navy's fleet of Merlin Helicopters, delivering core In-Service support as well as managing a broad portfolio of equipment capability projects. Within Merlin we require an experienced Information Assurance Manager. If you have the pride, passion and commitment to be part of an exciting organisation at the forefront of Defence, then this could be the ideal career for you.
To support the delivery of Information and Communication Technology (ICT) systems through life as the Security Assurance Coordinator (SAC). The SAC provides the vital interface between the Accreditor, the supplier, the project team and the end user community, ensuring that all aspects of security are delivered throughout the project lifecycle. Responsible for providing advice and guidance across Stakeholder groups on Cyber Security and Information Assurance (IA) strategies, policy and governance, ensuring all networks and systems are compliant with IA regulatory and relevant legislation through the development and delivery of security accreditation activity.
Act as the main IA and cyber security focal point for Stakeholders within a project providing guidance on IA compliance and data security.
- Ensure the effective coordination of all project security aspects, queries, document reviews, requests for advice and testing, are channelled appropriately before they reach the Information Asset Owner (IAO), Accreditor or wider Project Team
- Chair the Security Working Group (SWG) to ensure appropriate stakeholders are informed of decisions; support the review of formal documented minutes as produced by the Project; ensure standard SWG TORs are agreed and implemented.
- Lead the development and delivery of the accreditation activity through CyDR within projects; ensure the Accreditation Evidence Statement (AES) is scoped to capture appropriate project requirements.
- Ensure that security stakeholder roles required for the project have been identified, are aware of their responsibilities in fulfilling the role, and are suitably briefed
- Create, update and manage the Security Risk Register and ensure it is reviewed at the security meetings
- Ensure the production and regular update of a Security Management Plan (SMP)
- Responsible for the production of Risk Management and Accreditation Document Sets (RMADS) and any supporting documentation and evidence in line with JSP440 and JSP604.
- Ensure compliance with relevant authoritative source advice and guidance on applicable security related legal obligations, policy, guidance and standards within a proportionate risk appetite framework.
- Monitor and report any changes to the target(s) of accreditation and/or significant security issues to the SWG for awareness and acceptance;
- Produce and maintain a security risk register to capture security associated risks and/ or issues affecting project/programme delivery to support risk mitigation; identifying appropriate escalation routes for risk and issues.
- Undertake IA reviews, audits and security surveys both internal and external with Industry Partners and present findings to relevant Stakeholders.
- Promote and champion best practice Information Assurance (IA) and cyber awareness and security practices whilst being an active part of the IA community.
- Manage IA/Cyber consultants employed to produce security documentation on behalf of the project where applicable.
Please note, due to the nature of activities, this role is open to Sole UK Nationals only
To be found successful you must demonstrate the following essential criteria:
Relevant qualification and/or experience of Information Assurance and Cyber Security with a knowledge of JSP440 and NIST.
Fundamentals of Information Assurance in HMG
Information Risk Management for HMG IA Practitioners - IS1&2
Applied experience of IA processes, methods and techniques
It would benefit your application should you be able to demonstrate the following desirable criteria:
Engineering/technical knowledge or qualification of Military/Civil aviation system
Knowledge of Communications & Network Security
Certified Information and Security Manager (CISM) or working towards
If you are invited to an interview, you will be assessed against the following technical competencies:
Strategy, Architecture and Solution Design
If you are invited to an interview, you will be assessed against the following behaviours:
Communicating and influencing
Seeing the big picture
What's in it for you?
You will receive a generous benefits package including market leading employer pension contributions of around 21% of your salary (not including any personal contribution), annual bonuses, a flexible working pattern to fit you where possible, 25 days holiday +1 additional day every year you work up to 30 days with opportunity for movement and promotion.
Networkers acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers and is part of Gattaca Plc.
Gattaca Plc provides support services to Networkers and may assist with processing your application.