FABrIC must be a model of good practice for the legislation which it regulates and committed to continuous improvement.
The Post holder will take the lead and provide a focal point for security and information risk matters and be responsible for the plans to develop and improve information security on the FABrIC programme.
- Perform risk assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments.
- Establishes strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems.
- This position includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
- Assist in the implementation of required government policy, make recommendation on process tailoring, participate in and document process activities.
- Perform analysis to validate established security requirements and to recommend additional security requirements and safeguards.
- Support the formal Security Test and Evaluation required by government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
- Document the results of Certification and Accreditation activities and technical or coordination activity, and prepare the system Security Plans.
- Periodically conduct a complete review of system audits and monitor corrective actions until all actions are closed.
- This position will also support activities associated with ISO27001-2013 certification and the implementation of a program-wide Information Security Management System (ISMS).
- Responsible for providing objective-oriented direction to subordinates utilizing management guidelines & general policies.
- Acts as an advisor to the programme regarding tasks, projects, and operations. Becomes actively involved in daily operations only when required to meet schedules or to resolve complex problems.
- Ensures that projects are completed on schedule and within budget.
- Frequent contacts with internal personnel and outside customer representatives at various management levels concerning operations or scheduling or specific phases of projects or contracts.
- Conducts briefings and participates in technical meetings for internal and external representatives concerning specific operations.
Qualifications
- Bachelor of Science degree in Engineering, Computer Science, or related technical field with 10+ years of related experience.
- Experienced with the use of monitoring tools such as SIEMs, IDS/IPS and vulnerability scanners.
- Experienced with standards compliance processes (specifically ISO27001-2013)
- Experienced in a wide range of network and network security devices, including Cisco routers, Cisco switches, Cisco firewalls, data encryptors
- Experienced in creating and maintaining Risk Management and Accreditation Document Set (RMADS)
- Logical thinking and analytical ability.
- Aptitude in solving problems independently.
- Strong verbal and written communications with all levels of stakeholders.
- Ability to obtain and maintain a security clearance
- Hendon, London or Coventry
- Occasional travel to the US may be required
Northrop Grumman Corporation is a leading global security company providing innovative systems, products, and solutions in unmanned systems, cyber, C4ISR, and logistics and modernization to government and commercial customers worldwide.