Would you like to play a key role in developing secure solutions and assuring Cyber Security for one of the UK's leading defence prime systems integrators? We currently have a vacancy for a Cyber Security Specialist at our site in Christchurch, Dorset (flexible working arrangements will also be considered for this role). Christchurch itself is a picturesque location, with a choice of award-winning beaches, coastal nature reserves and heritage attractions nearby.
As a Cyber Security Specialist, reporting into the Engineering Lead, you will be joining our highly dedicated Cyber Security team working on a variety of prestigious and long-term projects for the MOD and other customers, including deployed networks such as the Falcon communications system. You will be working with a range of internal and customer stakeholders to help them understand security risks throughout the entire project lifecycle and then working with security and technical professionals to design and implement cyber security controls and drive effective risk management.
This role will provide you with the chance to work on a wide variety of projects gaining and developing a deeper understanding of security risks and mitigations.
The successful candidate will be required to perform tasks suitable to the internal level of this role. The role will contain, but will not be limited to, the following:
- Working closely with security stakeholders from both the business and the customer communities throughout the whole project lifecycle and at all classifications, in particular with the SAC and Accreditor to achieve and maintain system accreditation
- Providing cyber security advice and guidance to systems and software engineers, including at a detailed technical level. You should be able to provide detailed guidance on, for example, operating system lockdowns and data-in-transit protection
- Providing cyber security advice and guidance to managers and solution architects to identify and propose architectures, develop secure designs and identify and implement security controls which provide proportionate risk reduction
- Performing security risk assessments using recognised methodologies to identify and prioritise cyber security and cyber resilience risks and identifying approriate controls and mitigations to manage those risks.
- Interpreting security guidance from external sources such as JSP440/604, NCSC and NIST.
- Achieving and maintaining security accreditation or security assurance as required, including assessing the impact to security of all proposed changes.
- Producing security documentation such as RMADS and SyOPs.
- Scoping and managing testing by external penetration test companies and ensuring remediation activity is performed to completion.
- Supporting security within the supply chain, including meeting the requirements of the Defence Cyber Protection Partnership plus our own company initiatives.
What we're looking for in you:
You will have excellent communication skills both written and verbal to communicate effective with both team members and the stakeholder community. You will also have excellent analytical and problem-solving skills that can be applied to a range of different situations.
- Systems or software engineering background, able to interact at a technical level with systems, software and hardware engineers
- Demonstrable experience of identifying cyber security risks using a recognised methodology and the commensurate controls and mitigations required to manage those risks.
- Ability to articulate security advice directly to key stakeholders within both the business and the customer community
- Experience of cyber security engineering delivery and accreditation, preferably within the Defence domain.
- Degree qualified in Information/Cyber Security, IT, Engineering, Mathematics, or Science, or alternatively equivalent qualifications and/or experience.
- Experience in secure communications, secure networking and the appropriate use of cryptography
- Knowledge and experience in HMG IAS1&2 or similar security risk assessment methodology, JSP440/JSP604/JSP490, NCSC guidance, NIST, ISO 27001 and industry-standard security frameworks.
- CCP, CISSP, CISM or similar, GCHQ Certified Degree, ex-CLAS.
|
|
|||
Do you agree to our terms & conditions & privacy statement?
Receive updates & notifications from Ex-MilitaryCareers.com
