Security Assurance Manager

Amentum is a premier global technical and engineering services partner. We draw from a century-old heritage of operational excellence, mission focus, and successful execution underpinned by a strong culture of safety and ethics.

We are now recruiting for Security Assurance Manager to join us permanently on our major projects, located in the Reading area.

About the job
As Security Assurance Manager you will lead, maintain and improve a comprehensive security assurance capability for a key programme within Amentum. You will collaborate closely with the programme internal teams, our client and our supply chain to assess supplier security posture, identify and mitigate potential supplier and programme security risks, and ensure compliance with security requirements. You will stay informed about current security threats and industry standards to continuously improve programme and supplier risk management strategies.

You will develop and maintain strong relationships, engaging teams across Amentum, our client's organisation and through our supply chain to promote and embed a proactive culture to the management of supply chain security.

Key responsibilities include:

• Lead and facilitate security assurance assessments, including risk assessments and audits, for the project's supply chain to understand the risk and control environment that underpins the product/service being provided.
• Ensure the flow down of customer security requirements to vendors when tendering and at contract award and ensure supplier compliance with these requirements.
• Work with the programme and suppliers to improve their security posture through assessments, risk remediation plans, and any other recommendations as required.
• Maintain and continually develop the end-to-end supplier security assurance framework and processes to effectively identify and manage third-party security risk, mitigating potential disruption to the project and Amentum.
• Identify continuous improvement opportunities to increase the level of maturity of the security assurance capability and supplier security management.
• Provide regular monitoring and reporting and identify and develop opportunities to automate and continuously improve reporting processes.
• Develop and maintain appropriate policies and procedures
• Support and facilitate external audit requirements where relevant.
• Monitor and support programme security incidents and ensure timely response and remediation.
• Provide security guidance and training to stakeholders on supply chain risk management.
• Manage internal and external resources to successfully deliver supplier security outcomes.
• Build and maintain strong working relationships with key internal and external stakeholders.
• Stay informed about emerging threats, vulnerabilities, trends, and best practice related to third-party security.

Experience & Skills

• Ideally Degree qualified in relevant discipline.
• A proven information security professional with a risk, compliance, and assurance background.
• Knowledge of security frameworks and compliance regulations, and experience implementing or assuring against ISO27001 is preferred.
• A good understanding and experience of supply chain risk, assurance practices and security controls (technical, procedural, personnel and physical).
• Excellent communication skills, both written and verbal.
• Excellent analytical and problem-solving skills.
• Demonstrable stakeholder management expertise and the ability to work cross-functionally, fostering positive behaviours and leading to successful engagement in risk and assurance activities.
• An effective decision maker, who utilises evidence, available data and personal knowledge to provide clear, accurate and professional decisions.
• Ability to prioritise workload and work well under pressure to meet deadlines and manage business expectations.

Additional skills:

• ISO 27001:2013 Implementer or Lead Implementer
• ISO 27001:2013 Auditor or Lead Auditor

Work Environment

• Office & Construction environment
• Ideally 75% on site and 25% working at home
• Visits to work partner or supply chain premises

You will be eligible for UK SC security clearance.

Amentum is an equal opportunities employer.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.