Job Description

Information Services and Security have a vital role to play in a crucial national mission. We\'re here to enable the organisation to deliver through the use of technology. As AWE transforms itself to meet the needs of the UK\'s next-generation nuclear deterrent, we need to adapt to deliver data-driven decision making, flexible and future-proofed IT services, adaptable cyber security, support to a multi-billion Pound building programme, and many more.

The scale might be daunting to some, but you\'ll find it stimulating. We\'ve got a long journey that we\'ve only just started and we\'re looking for motivated people who can take us in the right direction. Your role will contribute directly to that shared mission. We won\'t deceive you, in some areas we\'re starting from a low base, but within ten years this organisation will look very different, and you can help make that happen. This is a role where you\'ll contribute to a legacy of national security for decades to come. So come and join us.

As demand is growing from across our organisation, we are looking to recruit a high performing, self-starting, completer-finisher with a keen eye for detail to join AWE Information Assurance as a Cyber Security Assessor. The successful applicant will be required to contribute effectively and efficiently as a key part of the system that protects AWE\'s material, information, and assets today and for the future.

As a Cyber Security Assessor, you will provide specialist information security oversight, advice and guidance to AWE\'s projects and functions on all aspects of information security.

As part of our People Promise, AWE (one of the best 25 big companies to work for in the UK) has a range of benefits to suit you. These include:

• Time to recharge your batteries with 270 hours of annual leave (plus every other Friday off work)
• Consideration for flexible working arrangements so that your work may fit in with your lifestyle. Just let us know on your application if you wish to work part time
• Opportunities for Professional Career Development that include funding for the annual membership of a relevant professional body, access to mentors and training
• Employee Assistance Programme and Occupational Health Services
• A generous defined contribution Group Personal Pension (we will pay between 9% and 13% of your pensionable pay depending on your own contribution)
• Life Assurance
• Discounts - access to savings on a wide range of everyday spending
• Special Leave Policy including paid time off for volunteering, public service (including reserve forces) and caring for your family
• A host of voluntary & core benefits to suit your health and wellbeing - more information available on our careers site

Key Accountabilities:

• Providing analysis of risks to information systems in order to inform risk owners and allow effective decision making.
• Provide expert subject matter advice to CISO and other elements of the Information Services management chain.

Key Responsibilities:

• Cyber Security Assessments of Information Technology and Operational Technology systems.
• Determining the appropriate level of security assurance effort to ensure risks are being managed within our risk appetite.
• Identification, management, and mitigation of security risks, and appropriate verification methods.
• Contributing to Information Assurance policy, processes and other related documentation
• Advising AWE managers on the appropriate level of risk tolerance.
• Assessing the performance and effectiveness of security elements as directed and advising of potential solutions where corrective action and improvements are needed.
• Working with Information Assurance team colleagues to develop and improve techniques and methodologies to suit emerging business demands.
• The Company may require you to fulfil any other reasonable duties aligned to your position from time to time in line with business needs.

The Candidate:

Essential

• Experience of working within Cyber Security on a wide range of simple and complex systems.
• Excellent communicator, at a technical and non-technical level, to a range of stakeholders.
• A wide awareness of Cyber Security across Government and Industry.
• Proficiency with Microsoft Office applications, including SharePoint and Teams.
• Certifications such as ISO27001, COMPTIA Security+, Certificate in Information Security Management Principles (CISMP) or equivalent.

Desirable:

• Certified Information Systems Security Professional (CISSP), ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Security Manager (CISM) or equivalent
• Membership of an accredited Professional body such as Chartered Institute of Information Security (CIISec) ISec, BCS etc.
• Understanding of \'Secure by Design\' methodology.

All Candidates must be willing and able to obtain and maintain the necessary security clearance for the role.

Atomic Weapons Establishment