new search
date title
07/12/12
referral award  not applied
  Security Controller
IBM
Southern

Security Controller
IT Specialists in this job role will have expertise in analyzing and translating business requirements into control objectives, design security controls and implement them along with a security management cycle. Security specialists assist in finding the proper balance between enabling and securing in relation to the customers organization, culture and ecosystem. Typical examples of the deliverables include asset classification models, risk analysis reports, information security policies, security solution scenarios, implementation plans, security services, organization models, procedures, security services, security effectiveness evaluation reports and security awareness workshops. T Specialists who apply their technical skills to support the operation and maintenance of vendor products, services, and solutions. Individuals who are part of Support typically have responsibility for sizing, troubleshooting, and critical customer situations.

NB: It is important to note, that although the Security Controller's function under the Board Level Contact is an executive one, overall contractual responsibility remains with the Board of Directors.
The Security Controller is specifically responsible for interpreting, implementing and monitoring security controls for the appropriate protection of government protectively marked assets held on the contractor's site, by:
a. liasing within the company, and between the company and the DSO or MOD DE&S DD SY/PSYA
b. advising management on the interpretation and implementation of contractual and, where appropriate, legislative security controls
c. preparing and implementing the Company Security Instructions, System Security Policy (SSP) and Security Operating Procedures (SyOPs) making sure that they are made available to, and understood by all appropriate employees, and updating them as necessary
d. being readily available for consultation and giving security advice to the contractor's management and employees
e. co-ordinating the planning of appropriate security controls for a new contract or for the alteration of buildings where protectively marked assets are to be handled, stored or produced.
f. arranging for appropriate security education and awareness training, particularly for new, young or inexperienced employees, to ensure that they understand the scale, nature of the threats and protective security controls required
g. ensuring that any breach of security is immediately reported to MOD DE&S DD SY/PSYA or the respective Contracting Authority and, if appropriate the regional police and that the circumstances are investigated, the outcome is recorded in the company breaches register and a full report and impact analysis is passed to the Contracting Authority or MOD DE&S DDSY/PSYA as appropriate
It is important for the Security Controller to consult widely within the company when considering security controls for a new contract or alterations to buildings requiring the co-operation and resources of several departments. Failure to discuss requirements for such controls well in advance may subsequently result in hurried and expensive remedial controls.
The Security Controller must, as soon as possible, inform the Contracting Authority or, in respect of MOD contracts, MOD DE&S DDSY/PSYA when each contract containing Security Measures such as DEFCON 659 (refer to appendix 1, ‘List X Contractual process’) or other applicable Security Measures has been completed or when the List X site is no longer undertaking contracts that include such Security Measures.
Where the Contracting Authority places a separate contract with a consultant who is an employee of a List X contractor, and the work is to be carried out outside the Contracting Authority's premises, the List X contractor's Security Controller is responsible for ensuring that security controls are appropriate to protect the protectively marked assets against compromise.
Qualifications: Bachelors
Experience: 10 years +
Languages: English : Speak / Write Fluently
Job-Type: open-ended
Remuneration: unspecified
Permit Type: UK Citizen
Region: Southern
Bachelor's Degree
Member of the Defence Industry Security Association
Must be UK National (HMG requirement)
English: Fluent


Additional information
The candidate will be a tenacious, confident self starter who has excellent communication and negotiation skills, and who is passionate about what they achieve. A high degree of drive and energy, first class analytical skills, and the ability to foster lasting client relationships are essential.

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, national origin, genetics, disability, age, or veteran status.

HOME HOME