What you’ll be doing:

• Cyber Security risk assessment of systems and services

• Support the definition and design of secure solutions that meet business needs

• Assess Architectural designs and identify proportionate Cyber Security controls aligned with business objectives

• Assessment of systems, services and Cyber Security controls, to provide an independent analysis of compliance with BAE Systems Security Policy, standards and external regulatory requirements. Lead Assessment of Cyber Security controls to ascertain effectiveness in reducing risk, including any vulnerability components

• Analysis, creation and compilation of relevant documentation determining the compliance level of systems and services, technical security controls with applicable certification, accreditation, and internal policy requirements

• Manage the delivery of penetration tests and vulnerability analysis in support of risk mitigation strategies

• Support stakeholders in resolving Cyber Security issues and act as a subject matter expert regarding assurance activities for the wider organisation

Your skills and experiences:

Essential:

• In-depth knowledge of industry standard security policy, standards and good practice guidance and their application to a variety of IT solutions processing protectively marked information

• In-depth knowledge of threats, risks, vulnerabilities and risk mitigations strategies and techniques

• Knowledge of information security standards, such as HMG, ISO 27001/18, NIST 800 etc

• Wide ranging knowledge of application, infrastructure and security technologies and in-depth knowledge of implementing them in a secure configuration within On-premise, hybrid & Cloud environments

• Experience of working in a project environment and risk management and the application of risk management methodologies