We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Cyber GRC /Configuration Management Analyst at Sword Group. Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving real transformation change within our clients.  We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data and business applications.  We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.. About the role:. Develop and document a comprehensive Configuration Management Plan that aligns with the guidelines and recommendations set in NIST SP 800-128. This plan will serve as a critical framework to ensure that all configuration items are effectively managed and monitored, thus supporting the overall integrity and security of the information systems.. In addition to the core elements of the plan, it is essential to clearly define and document the roles and responsibilities associated with the 2nd Line of Defense within the Configuration Management Plan. This will facilitate accountability and streamline processes, ensuring that all stakeholders understand their specific duties and contributions to the success of the configuration management efforts.. Once the Configuration Management Plan is developed, a thorough rollout process will be initiated. This will involve communicating the details of the plan to all relevant personnel and stakeholders, as well as assigning specific responsibilities to ensure its effective implementation. . Here’s what the role looks like:. . Develop and document a Configuration Management Plan in alignment with NIST SP 800-128. .  Document the 2nd Line of Defence roles and responsibilities in the Configuration Management Plan. .  Rollout of the Configuration Management Plan, including communicating and assigning responsibilities. .  Document Secure Configuration Policy Level Statements to define overarching secure configuration principles, including review then communicate it. .  Document all the Configuration Compliance tooling which currently exists . .  Gather Configuration Compliance reports from monitoring tools. .  Analyse the reported deviations and escalate where necessary to drive the deviation resolution. .  Define an Approved Software List for RedHat Linux. .  Update the change management process and include input into the Change Advisory Board (CAB). .  Communicate the updates to change management teams. .  Update the project assurance process. . . Experience with Cyber Security standards such as ISO27001, or NIST 800-53​.. .  Knowledge of Secure Configuration and Cyber Security Policy​.. .  Experience writing cyber security policies and procedures​.. .  Ideally experience with a Configuration Management Plan​.. .  Strong documentation writing skills​.. .  Ability to understand process flows and RACIs​.. .  Ability to distil complex security concepts in to simple language that can be understood by business users​.. .  Ability to summarise secure configuration requirements into a few principles​.. .  Collaborate with Comms teams and Business Change teams to rollout new processes and procedures.. . Company Location: United Kingdom.