BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
Job Title: STARA(R) - Enterprise Security Threat and Risk Consultant
Location: London - Guildford, Gloucester, London, Manchester, Leeds (Hybrid working)
Grade: GG10-GG13
Referral Bonus: 5000
What You’ll Be Doing
As an Enterprise Security Threat and Risk Consultant, you will lead and deliver advanced threat and risk assessments across physical, personnel, cyber, and governance domains. Working on mission-critical programmes in government, financial, CNI, and defence, your role will shape how organisations understand and manage threats in the context of a hybrid threat environment and evolving adversary tactics. You’ll collaborate with internal and external stakeholders, advise on strategic risk posture, and ensure delivery of high-impact STARA engagements.
Responsibilities
* Lead, deliver and support Security Threat and Risk Assessments (STARA) across ICT, Operational Technology, physical, and personnel security
* Analyse threats including cyber, insider, physical and hybrid actors, using counterintelligence and HUMINT principles where relevant
* Evaluate security risk across full-spectrum domains, integrating inputs from technical testing, behavioural analysis, and environmental factors
* Develop and present comprehensive risk assessment reports, including clear recommendations for mitigation and investment
* Apply frameworks such as NIST 800-53, ISO/IEC 27001, and NCSC CAF to assess current controls and identify improvement opportunities
* Contribute to the development of organisational threat models and security postures aligned to national security objectives
* Provide guidance on the implementation of physical and technical security controls based on STARA findings
* Collaborate with cyber, intelligence, and engineering teams to integrate threat-informed risk management
* Lead and mentor high-performing teams, and support the professional growth of junior consultants
Skills & Experience:
* You have at least 5 years’ experience in a security, defence, government, or intelligence role involving risk, threat, or vulnerability analysis
* You understand modern threat landscapes, including hybrid attack vectors and blended threat actors
* You can apply critical thinking to complex and ambiguous environments, making informed decisions under pressure
* You have strong knowledge of cyber risk frameworks (e.g. NIST, ISO27001, NCSC CAF) and experience in applying them
* You’re experienced in one or more of: counterintelligence, human intelligence and security, physical security assessments, operational technology, supply chain security, military platforms assessments, penetration testing, OSINT, insider risk, or security culture and behaviour change
* You’re a confident communicator, able to build trusted relationships and influence senior stakeholders
* You thrive when solving difficult problems and bring structure and clarity to risk management challenges
* You hold or are eligible for high-level security clearance
The team
We work hard and often go the extra mile, but we recognise people’s efforts and that everyone has a life outside of work. We encourage people to speak up if they want to rotate to a new project.
As well as a competitive pension scheme, BAE Systems also offers an employee share plan and an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green care scheme, private health plans and shopping discounts – you may also be eligible for an annual incentive.
Why BAE Systems?
This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture which values diversity, rewards integrity and merit, and where you’ll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently under-represented within our industry including women, ethnic minorities, people with disabilities and LGBTQ+ individuals.
We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities which you may previously have held, and your place of birth can restrict the roles you are able to perform within the organisation.
All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.
By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.