Senior Security Controller; Security Manager

Company Description

Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.

There has never been a better time to be h accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

AECOM is seeking a highly experienced Company Security Controller. The role will report to International Security Director. The ideal candidate would be based in Basingstoke; however, location may be flexible, with the requirement to be able to attend our office at least 1/week.

• Strategic guidance to key stakeholders in all matters associated with UK Government Security.
• Provide support to the end markets, ensuring AECOM is aligned to client requirements in relation to existing and new projects which may be governed by United Kingdom Government Security.
• Representing AECOM, providing project liaison, managing and developing key client relationships.
• Manage AECOM secure facilities and support project and office teams in development of new facilities.
• Be the prime point of contact for UK Government Security principles for the business units.
• Support Site Security Controllers and the UK Classified Network Manager with the management of the accredited facilities.
• Support project and office teams in development of new facilities adopting the lead role in the accreditation process of new FSC facilities.
• Understanding principles of Surreptitious Threat Mitigation Process (STaMP) and MODs Secure by Design.
• Provide advice, guidance and support on UK Government Security protocols for the business and the AECOM Executive Board.
• Understand Industrial Personnel Security Assurance (IPSA) certification and the management of the vetting function and provide support as required.
• Support the business units with responses to security audits and questionnaires.
• Manage the Defence Cyber Protection Portal process and the dissemination of contractual obligations to the supply chain.
• Lead on Security Aspects letter processes.
• Management of the security incident report process relating to UK Government Projects and Ministry of Defence industry Warning, Advisory and Reporting Point (MOD WARP) SIRF submissions.

• Ensuring the UK legislative and company policies are adhered to.
• Support review of best practices, policies and procedures.
• Managing Security Awareness training in various formats / providing the initial and annual mandated Security Awareness training for all cleared individuals.
• Be the FSC Security Controller and the Crypto Custodian for the Basingstoke facility if feasible.
• Provide support and oversight of AECOM's 5 FSC facilities and 2 List N facilities.
• Manage the security vetting team that is based in Basingstoke.
• Support the vetting process during periods as required by the business.
• Liaising with project teams and responding to Security Aspects Letters relating to existing projects, future project pursuits and the supply chain process.
• Provide the response to, and investigating security incidents in line with AECOM protocols, ensuring that they are dealt with appropriately or escalated if necessary.
• Highlighting and escalating any government associate security risks to stakeholders via the relevant risk committee.
• Support projects in response to client business continuity questionnaires.
• Oversight and support for office  production.

• Chair the company national security working group.
• Provide monthly and quarterly reports to the Board Level Contact for Security.
• To actively participate in professional associations and relevant peer groups.
• Attend forums and training to ensure that AECOM is fully up to date with security changes adherence to List X Notice and MOD Certifications.

• Due to the nature of the role the person must be a sole British national with no current or former foreign nationalities.
• They will be required to achieve DV clearance without restrictions.
• Resided in the UK for the last 10 years without breaks of more than 28 days.
• Needs to have completed or is willing to complete the Defence Industry Security Association (DISA) Security Controller Course.
• Membership of the Security Institute and DISA.
• Fully conversant with MOD Joint Service Publications (JSP
  440), Security Policy Framework and Government Functional Standard (GovS
  007).
• Previous…