Job Title : Principal Engineer - Cyber Security
Location : Frimley, Bristol, Weymouth, Portsmouth, Barrow or Brough. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Salary : Competitive
What you'll be doing:
1. Building a risk based set of cyber security requirements for a system or sub system, providing technical guidance and support for all aspects of cyber security and resilience
2. Conducting cyber security analysis work, developing threat taxonomies, security architectures, security baselines and risk mitigations
3. Producing test plans-and schedules together conducting informal and formal cyber security testing
4. Supporting engineering gated reviews and design assurance activities
5. Production of security artefacts such as risk registers, security assurance cases, plans and schedules. Provide security input into related engineering documentation
Your skills and experiences:
Essential:
6. Degree (or equivalent experience) in a relevant STEM subject or Information Security related
7. Recognised Industry Security Qualifications, e.g. CCP, CISSP, CISM (or able to achieve)
8. Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001)
9. Significant experience with using security baselines, mitigations and controls
10. Engineering background and or strong familiarity with a life cycle phased approach
Desirable:
11. Experience of Product Security activities in the defence, maritime or closely linked domain
12. Experience of MOD Policies and regulations such as SPF, JSP 440 and JSP604 and production of Risk Management Accreditation Document Set (RMADS)
13. Knowledge of the challenges affecting security of Operational Technologies/ Industrial Control Systems and approaches to secure them
14. Project Management exposure
Benefits :
You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive.
The Engineering Delivery Team:
The team designs, builds, integrates and provides through life support to all the Submarine Platforms in the Royal Naval fleet. You will ensure the submarine systems and products are developed to support the delivery of an appropriately secure and resilient product.
Through application of your knowledge and experience, you shall identify, analyse, evaluate and manage information security risks associated with the products used on-board the submarine. Speaking knowledgably and credibly with customers, users and internal stakeholders you shall provide advice on the causes of the risks identified, their likelihood and potential operational impacts.
We offer relocation support packages across all Submarines roles, subject to meeting eligibility criteria.
Why BAE Systems?
This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.