IT Security Specialist - Service Dev, Bristol

Programme Description Subject to contract award Leonardo is expecting an IT project, , for a UK Government customer, to start at the end of September 2020. It will involve taking on some legacy office IT and datacentres, building a new IT infrastructure based on cloud technology, developing a wide range of managed services to create an Infrastructure as a Service (IaaS) environment, supported by comprehensive ITIL-based support services. It will also involve migrating some legacy systems to the new IaaS environment. The new IaaS will then be operated by Leonardo until contract expiry or re-compete, 5 years from commencement. All the work will take place around the M3/M4 corridor between London and Bristol. How this role fits in Shortly after the commencement of the programme, a service development team will be responsible for developing the working IaaS solution with its supporting ITIL and other through-life support services, working from a detailed statement of requirement. The team will work in accordance with the Scaled Agile Framework. The team will work under a Scrum Master and will contain engineers with a range of experience and skills including security, Windows infrastructure, networks, Cloud infrastructure and ITIL centric support. This role is the IT Security specialist within the team. Role Description You will be responsible for ensuring that the services developed meet the security assurance regime policies and procedures to achieve and maintain Accreditation. You will therefore take the lead in providing rigorous assessment and validation of the information assurance aspects of the IaaS and supporting services solution design, build, testing and setting to work. You will report to the Scrum Master with regard to tasking. You will consult and inform the programme Security Lead with regard to security problems and findings. The engagement is expected to last for 12 months. After which point you will transfer into a similar migration role and an ongoing service team role within the programme. Who would suit this role? This role would ideally suit a talented IT Infrastructure engineer with security qualifications and particular experience in the domain of sensitive and operationally critical systems and the definition and development of services and functionality within the Scaled Agile Framework. Alternatively the role would suit a qualified Security Assurance Coordinator with service development experience in the development of IT infrastructure. Key Responsibility Areas Develop a good knowledge of the essential programme security policies and guidance. Ensure appropriate action is taken to enable accreditation. Provide advice on security policy and how this may impact technical solutions. Ensure that customer Crypto-security and security policy is being correctly applied. Monitor security considerations that are being incorporated and report on them to the Security Lead. Ensure that requirements are being met by the infrastructure team for each accreditation or re-accreditation covering COMSEC, COMPUSEC, TEMPEST, Key management and P3 (Physical, Procedural & Personnel) measures for each project or phase. Highlight and report unresolved security difficulties to the Security Lead. Ensure that solution configuration management procedures meet the criteria for the required level of assurance. Liaise with the customer security advisors, and advise the Security Lead as appropriate. Ensure that the security deliverables are available as and when required by the project plan. Produce all security deliverables (e.g. security documentation) and ensure that they are fit for purpose (to the satisfaction of the Accreditor). Develop and coordinate the input to Sy Ops and any P3 measures required. Arrange with Accreditor for the issue of Interim and/or full accreditation certificates as required by stages of the project. Ensure that all Project security related risks, as identified by the Accreditor and/or the Security Lead are promptly listed on the Project's Risk Register and are reviewed at each security meeting.How will we support you? We want to support you and encourage you to fulfil your potential through: Flex-leave schemes: We offer our employees the time and flexibility they need to enjoy a balanced life Annual leave: We offer 25 days holiday plus 8 bank holidays. Supportive relocation package: to make your move to London even more attractive. Award-winning pension scheme: Our multi-award-winning pension scheme includes generous employer contribution. Employee discount schemes: We offer you and your family an attractive range of discounts from retail and cinema to hotel bookings and vehicles benefits. Reserve Forces: We provide positive support to the Reserve Forces and allow employees who are Reservists to take additional time off. Salary sacrifice schemes including childcare voucher scheme: We encourage working parents to save money on childcare by offering them several advantageous facilities and vouchers. Career break: Where appropriate, we support our employees in pursuing other interests outside the workplace.To find out about all of our Company benefits please visit: Skills, Qualifications & Knowledge Required Mandatory Nationality and security clearance The role absolutely requires the candidate to be a Sole UK National with a current DV clearance or at least a current SC clearance. These factors will need to be proven by UK SV. The role will require clearance to STRAP DV Qualifications CISSP certification, or CESG Certified Professional (CCP) or equivalent CESG Listed Advisor (CLAS) Demonstrable understanding and experience of NIST 800 Series UK MOD policies: JSPs 440, (phone number removed) and 740 Capability to create and maintain supporting documentation in relation to a Risk Management Accredited Document Set (RMADS) Highly desirable Defence/MoD experience Agile/SAFe experience IT infrastructure design, build and implementation projects Cloud service implementation