FCO+HomeOffice IA / Accreditor

Technical and Information Assurance Security Consultant (2007-2010 )
Based in London and elsewhere, I was the technical security authority for this organisation and ran the technical security management programs for the department with their private sector partners. I was proactive in getting the organisation and its private sector partner organisations thinking about accreditation under the SPF requirements of Mandatory Requirement 36 including delivery of Accreditation across Public/Private sector partnerships for previously unaccredited BIL 5 infrastructures. This involved

  1. Site visits
  2. Regular presentations to monthly security working group on new issues for the organisation which was attended by partners/users of the service.
  3. Acting as ‘proxy’ for the senior accreditor ( and on behalf of the SIRO and Information Asset Owner ).
  4. Developing Security Assurance Strategy for the organisation.
  5. Managing the ownership of enterprise risk.
  6. Production of risk assessments for new enterprises and technologies.
  7. Managing special evaluations with CESG ( now NCSC ) for new technologies as well as systems already in use.
  8. Initiating and assisting with Security Policy Framework compliance program across the business.