CYBER SECURITY INFORMATION ASSURANCE LEAD

We require an information assurance / cyber security lead for support to our customer projects within Civil and Devolved Government and Energy (DG&E) division in the UK. You need to be in the UK with SC Clearance or above and you may need to apply for additional personnel security clearances. We are looking for individuals who join a high-performing team and work confidently to make excellent security happen quietly for our customers with high assurance and no fuss. Simple, effective security that our customers value.
The role will support work that produces robust and efficiently managed assurance solutions for our customers’ sensitive programmes. The roles require a high degree of third-party and customer liaison, and will establish, then support in ongoing growth. This will bring diversity in what is required day-to-day and with flexible operating parameters to maintain service in an agile environment, will require good scheduling and scheduling prioritisation skills.
The successful candidate will be expected to develop further information assurance opportunities as our customer base and each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. The ideal candidate will support the wider Leidos security capability, beyond Information Assurance, joining a talented and multi-faceted cyber team with a reach across our UK business delivering on our customer commitments and seeking out great opportunities to deliver great security by design.

ESSENTIAL PROCESS SKILLS/EXPERIENCE

• Experience of the IT systems engineering lifecycle
• Understanding of the controlling processes for the systems engineering lifecycle (e.g. requirements management, configuration management, testing and assurance) and where cyber assurance fits into these
• Solid understanding of Confidentiality, Integrity, and Availability (CIA) and practical experience in applying that understanding in management of risk and response to events and changes
• Experience of processes involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches.
• Understanding of process involved in gaining and maintaining certification for information security management systems, e.g. ISO27001.
• Exposure to tracing and evaluating responses to security requirements for a system.
• Experience in maintaining elements of security documentation sets (SyOps, RMADs, Security Management Plans, ISMS elements)

DESIRABLE EXPERIENCE

• Experience working in customer delivery environments.
• Experience working in CNI or Public Sector project environments.
• Understanding of different lifecycles/methodologies (waterfall, incremental, agile, DevOps)
  Clearance Requirements: Able to obtain or current UK SC Clearance is required for this position.

WHO WE ARE:

Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science.
Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services, our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation.

Function as the cyber lead for project outcomes and as a cyber SME. Conduct Threat modelling appropriate to the programme. Conduct Risk Assessments and develop risk treatment plans. Produce Security Assurance documentation. Implement and Manage ISMS In collaboration with the programme teams and customers development of and information assurance plan.