---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Consultant
Location: Bristol, , United Kingdom
Type: Contract
Closing Date: 2005-08-19
Work is required to support the infrastructure re-accreditation as follows:
1. Prepare an Accreditation Document Set which describes the security
controls which operate on the subject Client secure infrastructure.
2. Prepare accompanying documentation to support the accreditation of a
secure laptop platform for use in conjunction with this infrastructure.
3. Support Client in the re-accreditation process for the above by helping
to respond to feedback from the system Accreditor and his technical advisor.
Revise and maintain the Accreditation documentation as required until system
re-accreditation has been completed.
The ADS(s) must be compiled in accordance with government requirements as
detailed in the Manual of Protective Security and the HMG Infosec standards.
Due account must also be taken of the security requirements published in CESG
memoranda. The ADS(s) must be constructed to recognise where controls are
implemented through the wider Client IT Security framework of corporate
policies and standards.
1. Work is to include the rewriting of user security operating procedures
(SyOps) for the system.
2. Work is to include compiling Residual Risk calculations in accordance
with HMG Infosec Standard No1.
As a result the individual will possess formal qualifications or
certifications, which will include formal recognition under the CESG Listed
Advisor Scheme.
a) Acknowledge this Statement of Requirements and explain the
bidder’s approach to meeting it (to include technical approach, quality,
staffing (one, or more), and availability of staff (start date and number of
days per week available), CV(s) for proposed staff, management and reporting
approach).
b) Indicate approximate timescales and effort estimates (ranges preferred,
as bidders will not be given the opportunity to inspect existing documents
prior to contract award). A start up period for familiarisation prior to the
production of the plan (D1) may also be declared but Rolls-Royce will judge the
quality of the proposal partly on how much time and effort the bidder requires
for this. D1 once approved will become contractually binding on the successful
bidder although it will be able to include some float to respond to queries on
draft documents and support teleconferences etc with MoD and other parties.
c) Confirm current MoD security clearances and nationalities for the
proposed staff, together with availability to start this work on or after
August 15th 2005.
JOB REQUIREMENTS
---------------------------------------------------
• A background in IT security controls for HMG Accredited Systems at UK
Secret or above.
• Detailed knowledge and practical experience of the application of HMG
Security Accreditation Frameworks
• Knowledge of MS Windows and Unix security environments
• The ability to work independently and liaise effectively with both
technical and business staff.
• Practical experience or understanding of Industry systems accreditation
in the Defence sector.
CONTACT
---------------------------------------------------
Information Security Solutions
Iain Sutherland
iain@InformationSecuritySolutions.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
