MOD SC Security Assurance Coordinator CGEMJP

Experis IT
1 hour ago
Contract
London
United Kingdom
£600 - £690 GBP daily

Role Title: Security Assurance Coordinator

Duration: contract to run until 31/03/2027

Location: Hybrid role, predominantly remote, but some travel to Client sites will be required (estimate on average 1-2 days per week to either London and/or Bristol/Bath, occasionally more during certain phases of delivery as the need arises).

Rate: up to £690 p/d Umbrella inside IR35

Clearance required: Active MOD SC Clearance is required

Role purpose/summary

We are seeking a Client-experienced, senior Client-facing Security Consultant to drive the Security Assurance activities for a number of digital products/platforms being developed as part of a broader client business and digital transformation programme for which Capgemini is the Client's prime Digital Delivery Partner. The products/platforms are being deployed on to the client's Digital estate for use by military end users.

You'll be operating in a cross-Programme role, working collaboratively with the Delivery Managers and Technical Leads/Solution Architects for each of the digital products/platforms being developed, and the key Client stakeholders for them (Project Managers, Service Owners, Senior Responsible Owners (SRO), Information Asset Owners (IAO), JSP453 Case Officers/Service Transition Officers, Technical Assurance/Technical Design Authority).

You'll be responsible for ensuring that each of the digital products/platforms being developed is appropriately Secure by Design (SbD), compliant with relevant client and industry standards, and adheres to the client security assurance requirements at each stage of its product life cycle, from Design through to Live service/Through Life Support.

Key Responsibilities:

Security Assurance

  • Support Secure by Design (SbD) compliance, including threat and risk assessments, architecture and security control reviews, CAAT, DPIAs, ToA, Data Through Life Management, and assurance status tracking.
  • Develop and review SMPs, SyOPs, vulnerability and patch management plans, privacy notices, and terms of use.
  • Support DAR entries, IT health checks (ITHC) or SAST/DAST testing where applicable, remediation action plans, and MODCERT reporting using Vigilant.

Wider Client Assurance

  • Support JSP 453 compliance, including PEF and TRRA responses.
  • Engage with JSP453 rule owners and Security Transition Officers/Case Officers to secure approvals and sign-off.

Security Planning and Risk Management

  • Ensure Security Assurance activities are appropriately documented in Delivery Plans (working with Delivery Managers).
  • Maintain RAID inputs and tracking and assist with identification and escalation of security risks.

Cyber Security Governance

  • Support internal and external cyber security audits.

Design & Delivery Support

  • Contribute to security requirements definition (principles, functional and non-functional requirements) within an Agile SDLC.
  • Support access control design, configuration, and security test script development.

Specialist Assurance

  • Support NCSC Bulk Data Assessments where bulk data is in scope.
  • Support Secure Software Development Lifecycle (SSDLC) management when required.

Education & Awareness

  • Promote Secure by Design through cyber security education and awareness across delivery teams.

Key Skills and Experience

Essential

  • Proven experience as a Client-facing Security Assurance Consultant/Coordinator/Security Manager, or similar role.
  • UK client Delivery experience, including experience of delivering across the Government Digital Services (GDS) life cycle, and managing assurance activities to Client's Secure by Design (SbD), JSP 453 (or earlier JSP 604), and JSP 440 standards.
  • Experience working with distributed or hybrid teams.
  • Demonstrated ability to work across cross-functional teams.
  • Excellent facilitation, communication, and stakeholder management skills.
  • Experience managing security risks, issues, and dependencies.
  • Familiarity with Agile delivery tools: Jira, Confluence.

Highly Desirable

  • Experience managing the Security Assurance aspects of digital products deployed onto the Client Digital estate.
  • Background in secure digital product design and development, software engineering, data, or transformation projects.
  • Security Certifications.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!