ISSCA Assurance Professional

Why this job matters

This is a multi-skilled assurance role and is integral to ensuring that BT meets its certification aims and mitigating risk, contributes value add to BT with ISO 27001 worth approx. 1 billion and PSN, TSA & TBEST is multi-million.

This role is hybrid (3 days in office) & can be based in one of the following locations: Belfast, Birmingham, Bristol, Glasgow, London, Manchetser

What you’ll be doing

• Audit/Assessments - To gain assurance that these are being planned and performed for the assigned business processes by the certification’s anniversary.
• Security Assurance – provides evidence based security assurance on the effectiveness of BT’s cyber defenses at Line 2, and drives improvements to BT’s cyber security risk posture in relation to specific schemes & certifications (TSA, ISO 27001,  TBEST, & PSN).
• Issues and Escalations - The role holder may identify issues that requires further action(s) to ensure that the correct steps are taken to protect and preserve our various certifications. To be formally tracked and if not resolved within agreed timescales the role holder must escalate the matter immediately.
• Driving Change - To ensure that any changes in our various certification standards are incorporated within these business processes ‘in good time’ to maintain compliance.
• Communications - Acts as a communications bridge between the BT compliance governance organisation and ‘working level’ within allocated first line business processes.
• Security Forums - Running relevant forums and governance relating to the enactment of certification & assurance schemes where required.
• Risk Management - Identifying, collating, and communicating and monitoring risk management plans that affect certification.
• Sharing best practice and approaches with peers and first line teams to drive consistency and adherence to certification requirements
• Champion for driving compliance for BT BAU security and certification schemes. 
• Maintaining high productive and effective working relationships with first line teams in the CFUs, product and capability owners.
• Working as part of an effective matrix team pan-CFU to enact components of certification.
• Facilitating dialogue with external parties, certifications board’s, regulators etc.

Skills Required for the Role

• Story-telling - The ability to articulate the requirement for our various security schemes & certifications (TSA, ISO 27001, TBEST, & PSN)
• Business acumen - Understanding the value TSA, ISO 27001, TBEST, & PSN compliance brings to BT.
• Willingness to learn new Security frameworks to support multi-skilled Assurance team
• Skill Sharing - The ability to knowledge share with other members within our organisation. (Mandatory)
• Membership of a pertinent Security / Technology related professional body: ISO27001 (Mandatory) IISP (Preferred)

Experience Required for the Role

• Experience of supporting security compliance in a business environment. (Mandatory)
• Practical experience in one of IT Security, Physical Security, Systems Development, Systems Support / Operation (Mandatory)
• Understanding of security frameworks, policies & processes. (Mandatory)
• Demonstrable experience in BT processes for the management of operational and technology changes (Preferred)
• Demonstrable experience of team working in both hierarchical and matrix teams. (Mandatory)

Benefits

• On target 10% on target bonus​
• BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%​
• From January 2025, equal family leave:  receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up.​
• Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more.​
• 25 days annual leave (not including bank holidays), increasing with service​
• 24/7 private virtual GP appointments for UK colleagues​
• 2 weeks carer’s leave ​
• World-class training and development opportunities​
• Option to join BT Shares Saving schemes.​