Technical Security Asset and Service Life Cycle Security Management
Role overview
The role of Technical Security Asset and Service Life Cycle Security Management is to oversee and provide advice throughout the procurement cycle, minimising the security risks associated with the procurement of assets or services, from concept to disposal.
Role level
Typical role expectations
To support:
- identification and management of assets developed, processed or shared with suppliers, including with domestic and international partners
- supplier compliance with all relevant security legislation and regulatory requirements
- governance structures to manage all security risks from conception to disposal of assets, products or services, and the wider supply chain
- implementation of secure logistics of assets in development, transportation and at rest
Typical role expectations
- Identify and manage the assets developed, processed or shared with suppliers, including with domestic and international partners
- Ensure acquisitions, service programmes and suppliers comply with all relevant security legislation and regulatory requirements
- Implement governance structures to manage all security risks from conception to disposal of assets, products or services, and the wider supply chain
- Act on intelligence that indicates any risk to the supply chain, including providing advice and assurance on supplier’s security across acquisitions and services, and encourage continuous improvement
- Develop and maintain effective stakeholder relationships with both internal and external stakeholders in order to influence and change security decisions and manage thedelivery of the required security assets
Typical role expectations
- Oversee life cycle standards for assets developed for the organisation, processed or shared with suppliers, including with domestic and international partners
- Create and manage standards for acquisitions, service programmes and suppliers that comply with all relevant security legislation and regulatory requirements
- Oversee the implementation of governance structures to manage all security risks from conception to disposal of assets, products or services, and the wider supply chain
- Aggregate and prioritise intelligence that indicates any risk to the supply chain, including providing advice and assurance on supplier’s security across acquisitions and services, and encourage continuous improvement
- Develop and maintain effective stakeholder relationships with both internal and external stakeholders in order to influence and change security decisions and manage the delivery of the required security assets
Skills
| Skill | Associate | Lead | Principal |
|---|---|---|---|
| Applied Technical Security | Working | Practitioner | Expert |
| Risk understanding and mitigation | Working | Practitioner | Expert |
| Secure supply chain management | Working | Practitioner | Expert |
| Applied Technical Security | Awareness | Working | Practitioner |
| Protective security | Awareness | Working | Working |
| Threat understanding | Awareness | Working | Working |
Core learning
Lead
Certificate in Digital Forensics Fundamentals
Regulation of Investigatory Powers Act (RIPA) Senior Authorising Officer
Internet of Things (IoT) Security Standards for Government
Principal
UK NACE – Rising Building Security
ISO 27005 Lead Auditor
UK NACE- TSCM defensive radio monitoring principles