Security Assurance Co-ordinator (specialist) - Milton Keynes

Description:

Scope of Work: The Security Assurance Co-ordinator (specialist) will be responsible for delivering the following outcomes and deliverables

Outcomes:

Deliver an advisory specialist service to the project delivery function.

Purpose: Assess the [assignment] project security posture, through the phases of project delivery and articulate the remediation activity via production of the Secure-By-Design self-assessment tracker.

For each project, main activities for the co-ordinator, collaborating with technical and security, will include the following:

1) Commence the registration of the Project to adopt Secure by Design

2) Capture business objectives and user needs

3) Ensure security is captured in the business case. Ensuring cyber security is captured in the business case, will enable further resources to be identified.

4) Update the Secure by Design Self-Assessment Tracker

5) Source evidence to support the security position and statements for the project

6) Track secure by design confidence profile to ensure cyber security remains integral as the service evolves.

7) Ensure specific security roles and responsibilities are assigned

8) Source a threat assessment with relevant teams

9) Determine which security controls will apply to risks

10) Support the implementation of a vulnerability management process with Operations teams

11) Update the security posture of the system where changes are applied.

12) Retire security components securely in the decommission phase.

Deliverables

Produce associated security artefacts as identified in the self-assessment tracker defined as part of the FCDO Security By Design

Process, working with risk colleagues within IDD/ICSD:

1. Completed Self-Assessment tracker

2.Working with risk practitioners to jointly produce Secure By Design assessments:

• Risk assessment papers,
• Risk Treatment Plan,
• Security Management Plan.
• Risk Balance Case

3. Preparation of reports to demonstrate compliance with SBD

4. Provide an update to Project leads on SBD status

Reporting and Communication:

The Security Assurance Co-ordinator will provide regular reporting to the SBD and Cyber Security Services Lead