Job Title: Cyber Security Consultant – Risk & Assurance

Location: Yeovil. We offer a range of hybrid and flexible working arrangements

Salary: Competitive

What you’ll be doing:

• Taking the lead on projects and bids, providing cyber security advice and guidance to all stakeholders, engineers, technical authorities, project managers, the wider business and customer communities, throughout the whole project lifecycle and at all classifications
• Interpreting security guidance from external sources such as JSP440/604, NCSC and NIST
• Performing security risk assessments using methodologies to identify and prioritise cyber security and cyber resilience risks, controls and mitigations to manage those risks
• Achieving and maintaining security accreditations or assurance as required, including assessing the impact to security of all proposed changes
• Scoping and managing testing by external penetration test companies and ensuring remediation activity is performed to completion
• Supporting security within the supply chain, including meeting the requirements of the Defence Cyber Protection Partnership plus our own company initiatives
• Producing security documentation such as RMADS and SyOPs

Your skills and experiences:

Essential

• Experience of identifying and managing cyber security risks using appropriate methodology, controls and mitigations
• Ability to advise key stakeholders within both the business and the customer community
• CCP/CISSP/CISM, degree qualified or equivalent experience

Desirable

• Experience of cyber security engineering delivery and accreditation within defence
• Knowledge/experience in security risk assessment methodology, or security frameworks such as JSP440/JSP604/JSP490, NCSC, NIST or ISO 27001

Benefits:

You’ll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You’ll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts – you may also be eligible for an annual incentive

The Defence Information Cyber Team:

The Defence Information Cyber team work on a wide variety of projects, gaining and developing a deeper understanding of security risks and mitigations. Project sectors include Deployed and Static Networks, Command and Control Systems, Secure Gateways, Tactical Data Links, Mission Systems, Mission Planning, Logistics Support and Training Infrastructure and Services.

Customers increasingly demand information and technology solutions delivering advantage, communications, planning, operations and cyber protection. C5ISR within Digital Intelligence is where we design and build cutting edge IT solutions for incorporation into products and services.

The team will also be working with a range of internal and customer stakeholders to help them understand security risks throughout the entire project lifecycle and then working with security and technical professionals to design and implement cyber security controls and drive effective risk management.

Why BAE Systems?

This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation.

#LI-LC1
#LI-Hybrid