Job title: Cyber Security Assessment Professional
Company: BAE Systems
Job description: Location(s): UK, Europe & Africa : UK : Leeds || UK, Europe & Africa : UK : Gloucester || UK, Europe & Africa : UK : Guildford || UK, Europe & Africa : UK : London || UK, Europe & Africa : UK : Manchester
BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
We are offering a role to work within a growing, busy Security team, ensuring that BAE Systems security controls are the best they can be to protect the firm. The work will be interesting, dynamic and rewarding.
BAE Systems has internal security assurance requirements from our Chief Information Security Officer covering all areas of the business. You would be part of that assurance activity within Digital Intelligence, to provide the firm with confidence that our security controls are implemented and are performant and also using your knowledge around remediation, when you identify gaps.
You will be working within an engaging, supportive and inclusive firm committed to your long term development and wellbeing.
The role will be hybrid working with some UK based office (Manchester, Leeds, Guildford or London) visits for on site assessment work or to connect with other employees for meetings and wellbeing purposes.
What you’ll be doing
- Working within an established/documented controls framework, to confirm controls aligned to the NIST 800-53 Framework are implemented and performant for a system or application across the Digital Intelligence networks. The firm has customised the core standard controls and documented this in the Group Cyber Security Standards (GCSS) which will be used as the compliance information needed to enable you to assess against.
- Liaising with Information Management & Technology (IM&T) system owners to review their 1st party self-assessments to ensure that the control evaluation evidence is complete. You will be performing a 2nd line of defence in your assessment work.
- Performing risk assessments as part of your work when evaluating the gaps in control effectiveness.
- Your work will give you the freedom to work as a Trusted adviser without micro management.
- The role will be based within the United Kingdom and may require some travel.
What we’re looking for
- Good written and oral communication skills to enable working with stakeholders from different levels within the business – technical/non-technical.
- Familiarity with industry standards and compliance frameworks, specifically NIST 800-53 but awareness of ISO 27001 and Cyber Essentials would be beneficial.
- Awareness and working experience of assessing security controls – specifically technical and administrative controls. Physical controls are managed by a different part of the team at BAE Systems.
- Governance, Risk and Compliance solution experience, preferably RSA Archer.
- Due to the nature of the role you must be a UK national.
- ISO 27001 Lead Auditor or ISO 27001 Practitioner
- Professional qualifications such as ISACA CISM, CISA, CRISC or CISSP
Life at BAE Systems Digital Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.
By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.
Division overview: Functions
At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and the business could not operate without all the dedicated work of our Functions teams. From Finance & Operations through Communications & Marketing, to HR and Site Operations and more, our Functions teams enable our divisions to implement ground-breaking digital transformations and crucial defence software.
As part of Functions, you will be supporting and partnering with our global business from the backline, being a strategic advisor within your specialist area, and ensuring the business runs smoothly and efficiently. We all have a role to play in defending our clients; and this is yours.
Job date: Thu, 02 Nov 2023 23:10:59 GMT
Apply for the job now!