Job Title: Cyber Operational Assurance Practitioner Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Up to £52,000 depending on skills and experience What you'll be doing: Deliver the Cyber Operational Assurance services to assure the compliance and effectiveness of applicable IT security controls to meet NIST (DFARS), DEFSTAN, HMG Secure by Design requirements and / or Group Cyber Security Standards (GCSS) Support other Information Security certifications such as; ISO/ IEC 27001 / FAR to underpin international networks and differing overseas requirements Report the Performance / Health of applicable security controls to assure compliance and effectiveness aligned with NIST (DFARS), DEFSTAN, HMG Secure by Design requirements and / or Group Cyber Security Standards (GCSS) to highlight key issues to senior stakeholders Support, assist in planning and implement a risk based technical assurance/ assessment programme across EIT enterprise managed networks / systems / services aligned with the BAE Systems plc testing strategy Your skills and experiences: Essential: Track records of assuring/ auditing the security of services in the Government sector (or commercial organisations bound by HMG standards or similar) Analytical background with the ability to analyse and interpret large and complex data sets and articulate observations, conclusions and recommendations to senior audiences Knowledge of HMG (or similar) and industry standard security policy, standards and good practice guidance and their application to a variety of IT solutions processing protectively marked information Wide ranging knowledge of application, infrastructure and security technologies and knowledge of implementing them in a secure configuration ISO/ IEC 27001 knowledge CISM-P IT Security qualification or equivalent (or higher) Desirable: NSCP Practitioner Certificate Audit experience and exposure Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Assurance Team: The Cyber Assurance Team with Shared Services are part of Enterprise IT (EIT) with responsibility for assuring all enterprise managed systems and services, spanning UK/ RoW. The team ensure systems / services are built and configured in-line with applicable Cyber Security Standards. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. We welcome applications from all suitably qualified people, who are BAE Systems employees and have been in their current role for 12 months or longer. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 10th January 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. LI-JM1 LI-Hybrid