Information Security Manager

Information Security Manager

NCC

Location:
Bristol based with Hybrid working – 2 days on site, 3 days home

Salary:
£54,102 to £67,056 per annum (experience dependent)

Government Security Clearance:
You will be required to undertake government security clearance if successful securing this role. Please only apply if willing to undertake clearance process.

Closing Date:
25th November 25 – We reserve the right to withdraw the advert early if required.

Summary;

NCC is the UK's innovation partner We're supporting a range of interesting new projects in the defence sector and are hiring for an additional Information Security Manager to join our expanding secure operations team.

Your role as Information Security Manager is to ensure the effective protection of secure information and assets entrusted to and generated by the NCC. You'll report into the Head of Secure Operations and work with a wide range of internal stakeholders including secure operations teams, the board members & senior leadership, HR business partners, security & networking managers.

External relationship management will also be large part of your role including our defence sector clients and government bodies.

What you'll be doing;

• Reviewing new Security Aspect Letters (SALs) and assessing our ability to comply with the requirements Ensuring policies, processes and procedures are in place to enable us to meet requirements of SALs and enable us to work at the necessary security level
• Ensuring that the conditions of SALs are being met, including providing assurances with respect to security clearances and nationality constraints
• Working collaboratively with the IT team to ensure that Secure By Design principles and governance is being followed and documented
• Working collaboratively with the Engineering and Operations teams to enable technical and operational activity to happen in an appropriately secure manner
• Providing education, training and briefings to NCC personnel, contractors and visitors to ensure good security practice and behaviors
• Documentation and management of security risks and mitigations
• Management of security incidents and near misses, with subsequent implementation of control measures or improvements
• Ensuring that information security conditions are flowed down to contractors and subcontractors
• Hold the role of Deputy Facility Security Controller and Deputy Personnel Security Controller Ensure that any breach of personnel security is immediately reported in accordance with Government requirements and contractual responsibilities.
• Support the Security Controller in security accreditation matters, facilitation of visits and inspections by representatives of the Government or other contracting authorities.
• Support the recording and management of classified assets in accordance with established security procedures and asset registers Projects, Change and Improvement
• Work with Delivery, Sector and Capability teams to ensure that Security is considered from the outset of a project, throughout the project lifecycle, and in transition to business-as-usual

So, what are we looking for in your application?

We will prioritise applications with background in fields such as engineering or defence. Specific experience we will look for in your CV would include;

• Experience in Information Security Manager or equivalent role
• Existing Government Security Clearance OR willingness to undertake. We are happy to consider those without existing clearance as long as you meet the criteria to apply.
• Experience of MOD standards relating to the security of information Experience of working at UKG classification levels
• Knowledge of Secure by Design principles and methodology
• Sound knowledge of information security risk management and a working knowledge of cybersecurity technologies
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, as well as those from NIST, including and Cybersecurity Framework
• Desirable: Relevant accreditations including Cyber Essentials, Cyber Assured, etc.

In terms of personal qualities, we will look for a high level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. Good communication skills, analytical skills and the ability to work effectively with a range of people.

What do we offer in return?

Hybrid and flexible working patterns, annual salary reviews, company paid private medical insurance, up to 12.5% employer pension contribution, great people, honorary staff status at the University of Bristol. With a genuine focus on wellbeing, EDI and learning and development this is a chance to build your career in a thriving R&D facility with a bright future. Unsure if you should apply? Got a quick question you wanted to check beforehand? Please feel free to reach out to the recruitment team –

Why the NCC?

We see our success in yours. The future of composites manufacturing relies on the NCC, and we rely on the right individuals to make it happen, whether they're engineers or not Diverse challenges – the NCC isn't just about aerospace. We're working with over 16 sectors and a variety of customers, from private ventures to the global tier 1 companies, providing variety to your experience. Innovation – a world-leading research and development centre, the work we do brings novel and innovative solutions to industry, with the future firmly in mind. So we need innovating thinking not just in Engineering, but across all support functions. Development in composites, and you – if the scope of exciting work isn't enough to sway you, our ethos of continued learning and development and flexible working patterns will.