Information Security Consultant

Date: 09-Sep-2021

Location: Gatwick, GB

Company: Civil Aviation Authority

Salary: Negotiable depending on experience

Contract type: 12 Months FTC

 

We are the UK's aviation regulator and recognised as a world leader in its field. Our activities are diverse, enabling the aviation industry to meet the highest safety standards, and we pride ourselves on our ability to adapt to the constantly evolving aviation environment.

 

As we evolve in a modern world, it’s vital that we remain agile, forward-thinking, and easy to do business with. As the UK regulator, we’re at the forefront of anticipating, creating and implementing change within our world-leading aviation sector and must hold ourselves to the same standard.

 

The role

 

This is an exciting opportunity working in a fast-paced and dynamic environment contributing to the UK's aviation regulatory responsibilities. You will help us to ensure the protection of our information held internally and by related third parties, specifically focused on embedding security by design into project and business change. 

 

This role is key to our Information Security function, including Governance, Risk and Compliance, but also with a focus on Cyber Security and Operations, and it is considered vital in enabling our strategic aims to add maturity and achieve our targets.

 

You will work on a variety of internal and external projects to ensure appropriate information security requirements are identified, delivered, and assured. You will assess the impact of projects on information security and work with the project team to deliver a secure design and secure solution for the organisation.

 

You will also be involved in reviewing project documentation including technical designs and ensuring that information security requirements are adequately tested by co-ordinating external and/or internal security testing.

 

This is a highly collaborative role where you will engage with project stakeholders across CAA, enabling opportunities to work within the expanding Information Security Team in developing, implementing, and monitoring a comprehensive enterprise-wide information security programme.

 

Key responsibilities

 

  • Act as the subject matter expert for all security matters relating to the selection, delivery and assurance of solutions. This will include a wide range of business and technical projects using both Waterfall and Agile methodologies.
  • Review and provide guidance on any relevant security related contractual clauses, including engagement throughout the Procurement process.
  • Assist with continuous assurance activity to ensure that CAA is compliant with industry benchmarks for security, such as the Cyber Assessment Framework (CAF) and Cyber Essentials.
  • Ensure that actions to address gaps in the management of security risks are agreed and tracked to completion.
  • Provide expert support and advice to Security Operations and assist in response to major incidents.

 

About You

 

We are looking for Information Security Consultants who are familiar with the practical application of information security concepts and practices and have strong experience of reviewing technical designs and solutions to identify security risks and opportunities for improvement.

 

You would have knowledge and experience of implementing secure solutions within Microsoft stack technology (including Azure) and with a range of SaaS service providers, in addition to understanding security best practice in access control, networks and applications.

 

You may have previously worked with Solutions Architects to deliver documented secure solutions.

 

You will have a good understanding of, and experience in, the application of Security Controls and Frameworks to govern security and address or certify regulatory requirements, e.g. ISO27001/27002, NIST, OWASP, GDPR, PCI-DSS. The Cyber Assessment Framework guidance from NCSC is fundamental to the CAA, so knowledge or experience in this area will be of significant benefit, along with the other UK Government requirements for Information Classification and the HMG Minimum Security Standard.

 

What Can We Offer You?

 

It is a great time to join the CAA: we are transforming a number of our key technology services, continuing our focus on and maturity of cyber security whilst building major new services for our customers to mature new ways of working including Agile and DevOps, and exploiting new cloud-based capabilities in Microsoft Azure.

We are focused on the development of our people and you will have the opportunity to work alongside creative and collaborative team members who are keen to make a difference to the organisation.

 

Additional Information

 

Given the impact of Covid-19, it’s likely that you will work remotely to begin with as we plan for a return to work within the government guidelines.

 

Working With Us

 

We offer a range of fantastic benefits such as flexible working arrangements, free onsite gym at Gatwick, discounted gym membership for London, 28 days annual leave, additional 5 days leave purchase scheme, a generous pension scheme and much more!

 

Wherever possible, we offer flexible and variable working hours to help our people effectively manage all areas of their lives. We are an equal opportunity employer and actively encourage applications from candidates of all backgrounds.

 

As a member of the Disability Confident scheme, applicants who meet the minimum criteria for a role with us will be guaranteed an interview. We use fair and inclusive selection approaches to hire the best person for the job based on merit alone. If you require an adjustment for any reason, please let us know.

 

Closing Date: 23rd September 2021

Interview Date: Beginning of October 2021

 

