Accessibility Links

Cyber Security Officer

  • Job reference: 921269
  • Location: Gloucestershire
  • Salary: GBP55000 - GBP60000 per annum
  • Job type: Permanent
  • Sector: Cyber Security, IT & Telecoms
  • Date posted: 21/08/2018

The purpose of this post is to assist the Information and Cyber Security Manager with the organisation of IT Security providing specialist technical advice on security reviews and investigations relating to IT issues, events and incidents as well as being responsible for IT security awareness training.

Activities to be delivered by Post

  • Ensure that all information risks are identified and appropriately managed in line with agreed tolerance levels and to managing the RMADS for the infrastructure
  • Compliance with the Information Security requirements of the Nuclear Industries Security Regulations (NISR) 2003 (as amended)
  • To provide continual security improvements and provide monitoring to ensure that policies, procedures and controls are effective
  • Oversee the build and maintenance of technical security measures(including but not limited to encryption, remote access solutions etc.) accepting all information security into service when operationally ready - don't currently do this
  • To support third party suppliers as required to ensure internal controls are not compromised
  • Assist with the resolution of Information Security incidents and working to define and implement corrective actions where non-conformities have been identified
  • Keep abreast with new threats and emerging trends/issues
  • Carry out Surveillance, Inspections and Audits to ensure compliance with Government Information Security Standards
  • Issue formal and compelling Information Security direction and advise the client and its third party suppliers
  • Ensure that the contractors are aware of their legal obligation for reporting any breach, or suspected breach of security to ONR in accordance with NISR 2003, Regulations 22
  • Alt Crypto Custodian
  • Cyber Security SME to ensure alignment between IT/OT
  • Provide SME advise to DA Security Specialists
  • This post is the Information Technology Security Officer (ITSO) for the client's accredited IT networks.

Key accountabilities of the Post. Accountable to Information and Cyber Security Manager for:

  • Assisting with the development and maintenance of all Information Security policies, standards and Information Security Management system documentation in line with regulatory requirements and recognised best practice
  • Assisting with implementing and maintaining Information Security technical, physical, procedural and personnel security measures
  • Assisting with implementing and maintaining the ISMS
  • Assisting with implementing and maintaining the RMADS

Key relationships

  • Information and Cyber Security Manager, IS Dir, Head of Security Policy & Corporate Services Dir
  • Design Authority Engineering Directorate Licensing and Permissions Directorate Site Development Directorate Site Manager (for Emergency Arrangements on Site) - check new org structure
  • Engineering Directorate
  • Site Development Directorate
  • Site Manager (for Emergency Arrangements on Site)
  • ONR (including CNS Programme)
  • Centre for the Protection of National Infrastructure (CPNI)
  • NCSC
  • GovCertUK
  • To be further reviewed at a future date

Mandatory requirements

  • Batchelor degree in computer science, engineering or Information Technology or relevant experience
  • Demonstrates a track record of success, achievement and learning in career to date, adding value within relevant positions
  • Demonstrable understanding and experience of the ISO27000 standards and experience in delivering ISO27001 certification
  • Proven experience delivering Information Security within large scale delivery programs and projects at a senior management level
  • Up-to-date knowledge and experience of security compliance issues and risks
  • Demonstrable experience in the conduct of risk assessments and security audits in order to achieve and maintain compliance
  • Experience of devising or playing a key role in contributing to policies/procedures
  • Evidence of continuous professional development. Post Graduate degree preferred in Information Security or professional qualifications such as CISM, CISSP, ITIL, CCP
  • Strong verbal and written communication to include excellent documentation and presentation skills
  • Planning and prioritisation skills
  • Problem solving and solution focussed
  • Consistently demonstrates behaviours aligned to its values: safety, courage, integrity, collaboration and inspiration
  • Ability to learn, adapt and thrive, delivering value in a changing and evolving organisation
  • Influential with good stakeholder management and relationship skills
  • Flexibility and mobility to undertake business travel as required

Desirable requirements

  • A blend of both government and commercial experience is beneficial
  • An understanding and some experience of wider security requirements within personnel and physical security is beneficial
  • Knowledge and experience of working within the HMG GSC
  • In-depth knowledge and experience of Nuclear Security regulations and standards including the HMG Security Policy Framework
  • Familiarity with IT and networking hardware, e.g. servers, switches, routers, storage arrays is preferred
  • Demonstrable understanding and experience of the Civil Nuclear Security Regulations and Standards
  • An understanding of the UK Civil Nuclear Industry
  • Member of a relevant institute
  • International experience

Our role in supporting diversity and inclusion
As an international workforce business, we are committed to sourcing personnel that reflects the diversity and values of our client base but also that of Orion Group. We welcome the wide range of experiences and viewpoints that potential workers bring to our business and our clients, including those based on nationality, gender, culture, educational and professional backgrounds, race, ethnicity, sexual orientation, gender identity and expression, disability, and age differences, job classification and religion. In our inclusive workplace, regardless of your employment status as staff or contract, everyone is assured the right of equitable, fair and respectful treatment.

Similar jobs
Information Security Officer
  • Salary GBP50000 - GBP55000 per annum
  • Job type Permanent
  • Location Gloucestershire
  • Description The purpose of the post is to provide support to the Information and Cyber Security Manager. This will include assisting with the development and implementation of contract security policies