Information Security Assurance Manager – Air and Defence 

Location: London, United Kingdom

Salary: £80,000 - £90,000

We are working with a leading firm in the UK Defence arena that is actively seeking an Information Security Assurance Manager who can lead areas of their business to meet risk and security industry standards.

You will work with business and IT areas to promote good security processes to help them meet ISO27001 certification.

 

Although this is an Assurance based role, an appreciation and understanding of security technology areas are essential. It is also crucial that the successful Security Manager understands the threat landscape relevant to the aviation and defence space.

You will act as the security expert and provide leadership, supervision, and guidance to various stakeholders in the firm. This includes supporting the team’s risk work by reviewing aviation cyber security risks, including threat and vulnerability assessments, effectively communicating this to both industry and relevant areas to inform safety and security decision making where required.

 

Responsibilities

  • Develop and support future cyber security regulations, standards, and guidance.
  • Develop and implement a practical framework that meets aviation and defence regulatory responsibilities.
  • Develop and implement an effective framework and controls meeting UK and European standards.
  • Evaluate how the firm is meeting cyber security requirements and, where necessary, provide training and guidance, as required.
  • Lead Cyber risk assessments in the areas of Security Operations and monitoring and communication, and network security.
  • You will also be a point of contact for relevant global regulators and relevant third parties.
  • Awareness of vendor risk concerning the air and defence sector.

 

 

Criteria

  • Strong working experience in the military and defence sector
  • Security-specific qualifications such as the following are important: CISSP, CISM, CRISC or CISA
  • ISO27001 certified auditors would be highly desirable but not crucial.
  • Extensive experience in assisting firms in meeting security standards and frameworks: ISO27001, NIST, NIS (D)
  • Knowledge of NATS systems advantageous
  • The capability of gaining SC clearance.
  • Current clearance advantageous