Information Assurance Specialist , United Kingdom)

This review provides an in-depth look at the Cyber Security Governance & Assurance Specialist position, designed to assist potential candidates in understanding the opportunity and guiding their career progression.

About the Role: A Foundation for Security Excellence

The Cyber Security Governance & Assurance Specialist plays a critical role in safeguarding BT Group's and its customers' technological infrastructure and data. This position is central to the organization's comprehensive cyber security risk management program, ensuring robust protection for sensitive information and systems. If you are passionate about maintaining high security standards and have a keen eye for detail, this role offers a significant opportunity to contribute to a leading global telecommunications company.

Key Responsibilities and Opportunities:

• Contractual Security Mastery: A primary focus of this role is identifying and understanding contractual security obligations for customer contracts. This presents a fantastic opportunity for candidates to deepen their expertise in contract law and its intersection with cybersecurity.
• End-to-End Security Delivery: You will be instrumental in delivering and verifying end-to-end security services. This involves hands-on involvement in implementing security solutions and ensuring their effectiveness, a valuable experience for career growth in operational security.
• ISO 27001 Implementation: The role demands the delivery and implementation of ISO 27001 compliant security strategies, policies, and procedures. This is an excellent chance to hone your skills in a globally recognized information security standard, directly impacting your professional development.
• Risk Management and Compliance: A core aspect of the job involves managing operational risks across people, information, assets, revenue, and reputation. You will ensure compliance with national government regulations, contractual obligations, and company policies, which builds a strong foundation in regulatory adherence and business continuity.
• Third-Party and Awareness Management: Monitoring and managing third-party supplier compliance, as well as programme security awareness, are vital functions. This experience will enhance your skills in vendor management and fostering a security-conscious culture.

What You'll Be Doing: Driving Security Frameworks

• Security Governance, Risk, and Compliance (GRC) Management: You will be responsible for managing and maintaining GRC for specified customer contracts. This leadership aspect of the role allows you to shape and implement robust GRC processes.
• Security Framework Effectiveness: Implementing and measuring the effectiveness of security frameworks, processes, and plans is key. This practical application of security principles will be highly beneficial for your resume and future career prospects.
• Security Strategy and Policy Development: Supporting and taking ownership of customer-specific security strategy development offers a chance to influence strategic direction and contribute to innovative security solutions.
• Certification Management: Monitoring and managing the effectiveness and certification of contracts (e.g., ISO 27001, CE+) is a significant responsibility. This involvement in audits and certifications will provide valuable experience in maintaining industry standards.
• Security Testing and Remediation: Driving and delivering security test plans, including customer penetration testing and associated remediation, is an integral part of the role. This hands-on experience with security testing is crucial for any aspiring security professional.

Skills and Experience for Success:

To thrive in this role, candidates will need to demonstrate:

• Security Clearance: The ability to achieve and maintain security clearance is a fundamental requirement.
• Commercial Acumen and Customer Focus: Excellent commercial awareness and customer-facing skills are essential for building strong relationships and understanding business needs.
• Communication and Interpersonal Skills: Strong abilities in these areas will facilitate effective collaboration and problem-solving.
• Decision-Making and Planning: The capacity to make effective decisions and plan efficiently is critical for managing complex security initiatives.
• Time Management and Prioritization: Excellent skills in managing workload and prioritizing tasks will be necessary to meet demanding deadlines.
• Framework Knowledge: A solid understanding of frameworks like ISO 27001 and the Security Policy Framework is vital.
• Security Architecture and Operations: Good knowledge of security architecture, design, and operational processes will enable you to contribute effectively to security solutions.
• Proven Security Management Experience: A track record of 3-5+ years in security management is expected, demonstrating practical experience.
• Framework Implementation Experience: Demonstrable experience in implementing and managing security frameworks such as ISO 27001 or CE is a key requirement.

Why BT? A Career with Impact

BT is a global leader with a rich heritage, committed to providing secure connectivity and collaboration platforms to businesses worldwide. The organization values diversity, inclusion, and making a positive impact through digital inclusion and skill development. Joining BT means becoming part of a diverse, multi-skilled team that contributes significantly to society. The company encourages a flexible working environment and offers reasonable adjustments to support candidates throughout the selection process.

Key Considerations for Applicants:

• Security Clearance: Please note that this role requires the successful candidate to achieve and maintain security clearance.
• UK Working History: A minimum of 5 years of UK working history is mandatory for this position.
• Location: The role is based in Belfast.
• Career Grade: This position is at the 'D' career grade, offering competitive salary and benefits.

BT encourages applications from individuals who may not meet every single qualification, recognizing the value of diverse experiences and perspectives. If you are excited by this opportunity, we encourage you to apply, even if your background doesn't perfectly align with every listed requirement. You could be the ideal candidate for this or other roles within the wider team.