Deputy Security Controller

Job description The role of Deputy Security Controller is a regulatory mandatory role.
The role holder will be a key manager in the delivery of facility security assurance and continued compliance.
They will take the lead on ensuring KPMG UK manages it obligation to the Accreditor.
They will liaised and consult closely with the Security Controller Function including where necessary with vetting processes, They will hold close relationships with the Business, HR including Welfare activity, incident investigation and disciplinary processes.
They will liaise with key accreditors and regulating entities as is necessary to assure rigorous oversight and compliance is maintained throughout all activities.
Being a FSC and IPSA accredited contractor allows KPMG to sponsor staff for security clearances which is crucial in winning and delivering work across Government and Industry.
This allows KPMG to sufficiently resource and work with sensitive protectively marked material.KEY STAKEHOLDERSFSC - Board Level ContactSecurity Assurance Oversight CommitteeNational Security - Security Oversight GroupClients and the BusinessAll cleared staffSponsoring AuthoritiesKEY RESPONSIBILITIESComplianceOversight of the facility and personnel Security Assurance Function as an integral element of KPMGs FSC assurance and compliance plan and deliver this across the firm in support of all HMG activityDeputise in management of the relationship with Defence Equipment and Support (DE&S) Principal Security Advisor (PSyA) and maintenance of the KPMG FSC and IPSA certification [DE&S & CPNI ExtraNet access needed]Maintain and enhance the delivery of engagements across all Defence and Government clients and conduct oversight over this activitySupport the firm's mission to build client trust and confidence regarding information and personnel securityStay abreast of industry best practice in relation to information security governance, risk & compliance [Membership of DISA needed]Agreeing Security Aspects Letters for all engagements involving material classified higher than OfficialAct as Committee Secretary to the Security Assurance Oversight CommitteePolicyManage the development, maintenance and communication of the UK firm's FSC information security policiesAssist with preparing and implementing the Company Security Instructions (as defined within HMG's Security Requirements for FSC Contractors)Promote good information security practice and standards across the firmRisk ManagementSupport proactive and timely identification, evaluation and recording of non-compliance and information security risksFoster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk & Control FrameworkPrepare and distribute Management Information in support of Oversight Activity for the Security Assurance Group and Board Level ContactAwareness and collaborationEstablish strong relationships with business and functional teamsArrange relevant and appropriate security education and awareness trainingEstablish strong relationships with DE&S and other relevant stakeholdersBuild on and preserve the firm's reputation with clients, and the firm's mission to become the 'Most Trusted'KNOWLEGDE, EXPERIENCE AND SKILLSTechnical Knowledge and qualificationsA minimum of 5 years experience focused on security and assurance preferably in a high grade Defence or Government arena Practical expertise in advising on high grade security assurance policy and standardsStrong knowledge of HMG security standards ( Cabinet Office Security Policy Framework, JSP 440, Industry Security Notices and CESG IA standards)Strong understanding of privacy requirements (including GDPR)Ability to attain and maintain a very high level of National Security Vetting (NSV DV as minimum without restrictions) Note: The successful candidate will be a sole UK National born in the UKWhere necessary undertake additional responsibilities as required and defined by clients in order to support client facing staff deliver the clients contractual obligations.Be on call and be able to attend the facility when required to within time limitations.Leadership skillsExperience of leading and inspiring others, providing guidance, mentoring and planningDisplay and foster the highest levels of trust and integrityAbility to deal with a broad range of stakeholders at all levels, both internal and external, in a confident and assured mannerAbility to prioritize and manage a complex workload, including multiple tasks for themselves and direct reportsStrong influencing skillsAnalytical skillsProven ability to identify and articulate information security requirements, risks and issues, and to make clear decisions and recommendationsAbility to understand business drivers and risk appetite and to align information security compliance accordinglyStrong analytical and problem-solving skillsPersonal QualitiesA good team player, with the ability to act independently and exercise sound judgmentExcellent communication skills, both written and verbalMulti-cultural awareness and sensitivityStrong integrity, independence and resilienceExcellent attention to detail combined with strategic visionKEY STAKEHOLDERSFSC - Board Level ContactSecurity Assurance Oversight CommitteeNational Security - Security Oversight GroupClients and the BusinessAll cleared staffSponsoring AuthoritiesKEY RESPONSIBILITIESComplianceOversight of the facility and personnel Security Assurance Function as an integral element of KPMGs FSC assurance and compliance plan and deliver this across the firm in support of all HMG activityDeputise in management of the relationship with Defence Equipment and Support (DE&S) Principal Security Advisor (PSyA) and maintenance of the KPMG FSC and IPSA certification [DE&S & CPNI ExtraNet access needed]Maintain and enhance the delivery of engagements across all Defence and Government clients and conduct oversight over this activitySupport the firm's mission to build client trust and confidence regarding information and personnel securityStay abreast of industry best practice in relation to information security governance, risk & compliance [Membership of DISA needed]Agreeing Security Aspects Letters for all engagements involving material classified higher than OfficialAct as Committee Secretary to the Security Assurance Oversight CommitteePolicyManage the development, maintenance and communication of the UK firm's FSC information security policiesAssist with preparing and implementing the Company Security Instructions (as defined within HMG's Security Requirements for FSC Contractors)Promote good information security practice and standards across the firmRisk ManagementSupport proactive and timely identification, evaluation and recording of non-compliance and information security risksFoster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk & Control FrameworkPrepare and distribute Management Information in support of Oversight Activity for the Security Assurance Group and Board Level ContactAwareness and collaborationEstablish strong relationships with business and functional teamsArrange relevant and appropriate security education and awareness trainingEstablish strong relationships with DE&S and other relevant stakeholdersBuild on and preserve the firm's reputation with clients, and the firm's mission to become the 'Most Trusted'KNOWLEGDE, EXPERIENCE AND SKILLSTechnical Knowledge and qualificationsA minimum of 5 years experience focused on security and assurance preferably in a high grade Defence or Government arena Practical expertise in advising on high grade security assurance policy and standardsStrong knowledge of HMG security standards ( Cabinet Office Security Policy Framework, JSP 440, Industry Security Notices and CESG IA standards)Strong understanding of privacy requirements (including GDPR)Ability to attain and maintain a very high level of National Security Vetting (NSV DV as minimum without restrictions) Note: The successful candidate will be a sole UK National born in the UKWhere necessary undertake additional responsibilities as required and defined by clients in order to support client facing staff deliver the clients contractual obligations.Be on call and be able to attend the facility when required to within time limitations.Leadership skillsExperience of leading and inspiring others, providing guidance, mentoring and planningDisplay and foster the highest levels of trust and integrityAbility to deal with a broad range of stakeholders at all levels, both internal and external, in a confident and assured mannerAbility to prioritize and manage a complex workload, including multiple tasks for themselves and direct reportsStrong influencing skillsAnalytical skillsProven ability to identify and articulate information security requirements, risks and issues, and to make clear decisions and recommendationsAbility to understand business drivers and risk appetite and to align information security compliance accordinglyStrong analytical and problem-solving skillsPersonal QualitiesA good team player, with the ability to act independently and exercise sound judgmentExcellent communication skills, both written and verbalMulti-cultural awareness and sensitivityStrong integrity, independence and resilienceExcellent attention to detail combined with strategic vision