Information Security Specialist
Are you able to manage the Security Accreditation of a programme at varying points in the lifecycle?Can you ensure products meet Information Assurance requirements and that Security Risks are reduced to an acceptable level? Would you like to work with advanced technologies to minimise the risk of both cyber threats and social attacks? We currently have a vacancy for an Information Security Specialist at our site in New Malden.
As an Information Security Specialist, you will be tasked with ensuring our products across the Maritime Sector are secure by design, achieve security accreditation and maintain security through-life.
This role will provide you with the opportunity to liaise with stakeholders, influence engineering design, produce evidence in support of accreditation, provide advice and guidance to shape technical solutions and support embedding our security culture across the business.
Your main responsibilities as an Information Security Specialist will involve:
Designing and shaping the technical security architecture of strategically important products to ensure they are secure by design.
Liaising with the system accreditor(s) and stakeholders to manage expectations, ensure that security requirements are met and the security risk is reduced to acceptable level.
Determining security principles for the project solution to work within.
Producing accreditation artefacts such as product security architecture and Risk Management Accredited Document Set – (RMADS) in support of accreditation. Collecting evidence for the security case.
Responding to security questions within bid proposal documents, producing estimates, and selecting security principles and frameworks.
Contributing to the wider Product Security Department – delivering awareness material and presentations and speaking at Special Interest Groups, improving processes.
Keeping up to date on relevant security standards, process and technologies, developing skills and capabilities to be able to provide more effective services.
Supporting the product security Special Interest Group by sharing best practice.
Your skills and qualifications as an Information Security Specialist:
Fundamental understanding of ICT, OCT and ICS technologies, how they connect together, different protocols, operating systems and applications.
Ability to identify and investigate technology to understand security vulnerabilities and how to mitigate them.
Solid systems engineering experience and background.
Good knowledge and understanding of security risk assessments and RMADS (Risk Management Accredited Document Set) and the accreditation process.
Good technical understanding of systems and how their security aspects are applied and affect performance.
Familiarity of Defence Standards/Security Regulations such as JSP440, JSP604 or other security standards such as ISO27000 and NIST.
A good understanding of National Technical Authority suggested Security Frameworks and Methodologies.
What we're looking for in you:
A flexible and adaptive individual with excellent communication, high attention to detail and strong influencing and interpersonal skills.
Location: New Malden / Various
Benefits: Our employees receive an excellent benefits package which includes a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. We also offer a range of additional benefits such as flexible working, an employee assistance programme, Cycle2work scheme and many local and national employee discounts. Some employees may also be eligible for an annual incentive.
BAE Systems is one of the world’s leading global defence, security and aerospace companies. We work at the cutting edge of technology, creating more than 100 new inventions every year for customers in over 100 countries.
BAE Systems Maritime
Our Maritime Sector encompasses three lines of business; Submarines, Naval Ships and Maritime Services. We design and manufacture complex naval ships and submarines, as well as their state of the art combat systems and equipment. We also offer an array of associated services, including training solutions, maintenance and modernisation programmes to support ships and equipment in service around the world and the management of supporting infrastructure.
We employ a diverse range of people with the unique expertise to design, integrate and support platforms and systems; all focussed on understanding our customers’ evolving needs, meeting their expectations and delivering on commitments made to them, wherever they are in the world.
We have significant growth opportunities across our three dynamic businesses with exciting transformation programmes running right through the next decade; strengthening our competitive advantage and developing our business as an employer of choice for our current and future employees.
We recognise that an inclusive and diverse workplace – where all employees feel respected, valued and able to achieve their full potential – is vitally important. Not only does it inspire creativity and collaboration, it’s good for business. We celebrate our differences and believe our diverse skills, abilities and perspectives strengthen our culture and our overall performance.
We welcome applications from all suitably qualified people.
Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions.These restrictions mean that factors including your nationality, any previous nationalities you have held, and/or your place of birth may limit those roles that you can perform for the organisation.
Due to the volume of applications we receive, we sometimes close our vacancies early. It is therefore advisable to apply as early as possible if you would like to be considered for a role with BAE Systems.