Automation Engineer Our client is a leading developer of Integrated Bridge Management systems used on marine vessels. They are looking to hire PLC Software Engineers...
Information Assurance Manager
Our client is a leading developer of platform management systems used on marine vessels. They are looking for someone with Information Assurance and risk experience to join their business. You would be responsible for ensuring the accreditation of a system using COTS PLC and SCADA technologies, is achieved against JSP440.
Key responsibilities include:
- Establishing guidelines and policies surrounding risk and security
- Audit work undertaken against agreed management plans, procedures and policy
- Audit current and future Commercial off the shelf based PLC and SCADA systems
- Working with the engineering teams to implement the right security strategy
- Monitor selected COTS hardware and software for any suspicious behaviour or traffic
- Document best practices for security and information assurance based on business and user requirements
- Responsible for production of RMADS to support accreditation against JSP440
- Chair security working groups with internal stakeholders, customer, end user and accreditor
- Planning IA activities to support design system engineering design reviews, software design reviews and software delivery
- Mentoring engineers in IA best practice and embedding an IA culture
- Functional management and mentoring of a graduate IA engineer
- Working within a multi-disciplined team including project managers, supply chain, software engineers, hardware engineers, safety engineers and quality engineers
- Support to new bids and proposals for future opportunities
- Conduct penetration testing to find exploitable weaknesses
- Occasional travel around the UK to suppliers and customers
For this role the ideal candidate would have:
- Ability to use HMG Standards, including Information Assurance Standard 1 and 2 for technical risk assessment and creation of Accreditation documentation.
- Have worked with and implemented:
- HMG Departmental Policies and Publications such as MoD Joint Service Publications.
- CESG Good Practice Guides and other CESG guidance.
- Cabinet Office Policies such as the Security Policy Framework.
- Systems in high impact level environments, including achieving full IA Accreditation.
- Used HMG Approved hardware devices such as Data Diodes and Enhanced grade encryption devices.
- Familiarity with personal computer lockdown techniques using domain based technologies.
- Security Cleared or be prepared to undergo a Security Clearance.
- Someone with Good presentation and customer facing skills, including working on Security Working Groups.
- Collaborative working to resolve conflicting requirements
- Understanding of systems engineering lifecycle and how to apply this to IA
- Communication of complex technical issues and solutions to non-technical stakeholders
This role would be suitable for:
- An experienced Security Architect who was also a CESG Listed Advisor Scheme (CLAS) member and is now a CESG Certified Professional (CCP).
- Information Assurance (IA) practitioner.
- Experienced ISO27001 practitioner, including creating Statement of Applicability's.
- Someone who has an understanding of Cryptographic techniques and technologies.
Ideally, the candidate would be:
- A member of an IA group such as the Trusted Security Advisor Register (TSAR).
- A member of an IA related professional body such as IISP, APM Group or BCS.
- Familiar with Network Penetration Testing using manual or automatic methods including tools such as the US DoD Cyber Security Evaluation Tool.
- Experienced in a maritime environments.
- Experienced in Industrial Control Systems environments.
The recruiter has stated that all applicants for this job should be able to prove they are legally entitled to work in the UK. Carbon60 is a trading name of Carbon60 Limited an Employment Business/Agency.