Description:
As a Project Security Manager, you will play a key role in providing an excellent security assurance service to our clients while identifying improvements to existing security programmes and processes. The role will manage all aspects of classified project delivery across the domains of Personnel, Physical and Information Security. You will be the focal point for all security assurance activity within your respective sector(s) providing targeted security direction and guidance as required.
This role requires someone with HMG or MOD experience, together with knowledge and experience of ISO 27001, GDPR and NIST CSF.
Line Management
Line management of a small team of three: Security Vetting Coordinator, Information Controller and Compliance Digital Project Manager.
Interface
Regular interface with internal stakeholders: Defence and other Sector Leads, IT Infrastructure and Security Manager, Quality Managers etc.
Key Responsibilities
- Regular liaison with client security and project delivery teams in interpreting, implementing, and monitoring client security requirements as outlined in contractual security schedules or Security Aspects Letters (SALs).
- Leading the security and audit accreditation and certifications process for all external compliance requirements associated with required sectors.
- Leading the development and implementation of governance and processes associated with security assurance for required sectors.
- Planning and delivery of assurance activities as required by contractual obligations, including but not limited to: induction briefings, project-specific security briefings, project onboarding, and security awareness training.
- Measuring and assessing the performance and effectiveness of security controls, and identifying and implementing solutions where corrective action and improvements are needed.
- Reviewing the competencies of RLB’s supply chain in all security assurance domains (Personnel, Physical & Information).
- Collaborating with business areas in the identification, management, and mitigation of risks to RLB and its clients.
- Leading the development and maturity of RLB’s Security Management System.
- Supporting investigations for all security incidents, including near misses, reported within your respective sector.
- Line management responsibilities for a team of three.
Experience
- Experience as a security manager or security controller.
- Knowledge of HMG/MOD security framework, policy and controls (CE+, DefStan, NIST).
- FSC, IPSA, ISO 27001 knowledge.
- Knowledge of risk management methodologies and practical experience of applying them.
- Excellent working knowledge of Microsoft 365, including Word, PowerPoint and Excel.