Location: 3 days per week in the Aldermaston office.
Key Accountabilities:
Provide a focal point for resolution of security and information risk matters.
Identify, analyse, and evaluate information risks.
Explain to risk owners and other stakeholders the causes, likelihood, and potential business impacts of information risks throughout the information system lifecycle.
Assess compliance with applicable regulations, standards, policies, and guidance on information risk management.
Present risk management options to the business.
Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business.
Promote security awareness.
Maintain and promote high personal standards in environment, safety, health, security and quality and be a great team player.
Use repeatable and consistent risk assessment techniques to identify emerging information risks throughout the life cycle of assigned information systems, services, or business solutions.
Co-ordinate the identification of suitable risk treatment options in the context of the business and ensure these are traceable to risks.
Develop security evidence as required and specified by the business to enable the effective and consistent application of the risk management process: ensuring these are necessary and proportionate and match the business requirement.
Support the Accreditation process.
Present security briefings to users or local management.
Contribute to security communications.
Draft requirements for external assurance activities.