Please check your email .
Job Title: Cyber Security/Product Security Opportunities
Location: Frimley, Bristol, Weymouth, Portsmouth, Barrow and Brough. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
What you'll be doing:
The following activities are typical of the work that may be carried out:
Gaining sufficient understanding of a system, its concept of use and architectures in order to provide an accurate assessment of Product Security in terms of possible threats, potential avenues of attack and advising on the application of secure development practices and physical controls
Ensuring that Product Security analysis work are fully documented, enabling the management of risk throughout the product lifecycle. Present risks and proposed controls to internal and external stakeholders, to achieve agreement and buy-in
Being able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness
Being able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost effective risk mitigation in the longer term
Representing the Product Security group at Design Reviews and other various engagements, to ensure that Product Security are appropriately considered at each stage of the design lifecycle
Providing technical guidance and support in relation to product incident management
Security related activities required to support the engineering lifecycle within the phase relevant to the programmeYour skills and experiences:
Degree (or equivalent experience) in a relevant STEM subject or Information Security related
Recognised Industry Security Qualifications eg CCP, CISSP, CISM or similar (or able to achieve)
Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001)Desirable:
Experience of Product Security activities in the defence, maritime or closely linked domain
Experience of MOD Policies and regulations such as SPF, JSP 440 and JSP604 and production of Risk Management Accreditation Document Set (RMADS)
Knowledge of the challenges affecting security of Operational Technologies/ Industrial Control Systems and approaches to secure them
Experience of assessing and advising on controls to support Product Safety
Supports and contributes to information security professional bodies and industry forums
Can demonstrate experience of mentoring and/or providing support to othersBenefits:
You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive.
The Engineering Delivery team:
As a member of the Engineering Delivery Team who design, build, integrate and provide through life support to all the Submarine Platforms in the Royal Naval fleet your role is to ensure the submarine systems and products are developed to support the delivery of an appropriately secure and resilient product.
Through application of your knowledge and experience, you shall identify, analyse, evaluate and manage information security risks associated with the products used on-board the submarine. Speaking knowledgably and credibly with customers, users and internal stakeholders you shall provide advice on the causes of the risks identified, their likelihood and potential operational impacts.
Why BAE Systems?
This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation