Cyber Security Assessment Professional

Job Description

Location(s): UK, Europe & Africa : UK : Manchester || UK, Europe & Africa : UK : Gloucester || UK, Europe & Africa : UK : Guildford || UK, Europe & Africa : UK : London BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businessescan unlock digital advantage in the most demanding environments.Role summary We are offering a role to work within a growing, busy Security team, ensuring that BAE Systems security controls are the best they can be to protect the firm. The work will be interesting, dynamic and rewarding.BAE Systems has internal security assurance requirements from our Chief Information Security Officer covering all areas of the business. You would be part of that assurance activity within Digital Intelligence, to provide the firm with confidence that our securitycontrols are implemented and are performant and also using your knowledge around remediation, when you identify gaps.You will be working within an engaging, supportive and inclusive firm committed to your long term development and wellbeing.Whilst this is a hybrid role please do note that due to the secure nature of the work you will be required to carry out, you will be expected to work from the office based in Guildford, London ,Gloucester or Manchester as and when required which could bea few times per week, therefore residing close to either location would be preferableWhat youll be doing

• Working within an established/documented controls framework, to confirm controls aligned to the NIST 800-53 Framework are implemented and performant for a system or application across the Digital Intelligence networks. The firm has customised the core standardcontrols and documented this in the Group Cyber Security Standards (GCSS) which will be used as the compliance information needed to enable you to assess against.
• Liaising with Information Management & Technology (IM&T) system owners to review their 1st party self-assessments to ensure that the control evaluation evidence is complete. You will be performing a 2nd line of defence in your assessment work.
• Performing risk assessments as part of your work when evaluating the gaps in control effectiveness.
• Your work will give you the freedom to work as a Trusted adviser without micro management.
• The role will be based within the United Kingdom and may require some travel.

What were looking for Essential

• Good written and oral communication skills to enable working with stakeholders from different levels within the business - technical/non-technical.
• Familiarity with industry standards and compliance frameworks, specifically NIST 800-53 but awareness of ISO 27001 and Cyber Essentials would be beneficial.
• Awareness and working experience of assessing security controls - specifically technical and administrative controls. Physical controls are managed by a different part of the team at BAE Systems.
• Governance, Risk and Compliance solution experience, preferably RSA Archer.
• Due to the nature of the role you must be a UK national.

Desirable

• ISO 27001 Lead Auditor or ISO 27001 Practitioner
• Professional qualifications such as ISACA CISM, CISA, CRISC or CISSP

Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.By embracing technology, we can interact, collaborate and create together, even when were working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively,and enhance well-being.Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - canwork together to achieve excellence and realise individual and organisational potential.Division overview: FunctionsAt BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and the business could not operate without all the dedicated work of our Functions teams. From Finance & Operations through Communications & Marketing,to HR and Site Operations and more, our Functions teams enable our divisions to implement ground-breaking digital transformations and crucial defence software.As part of Functions, you will be supporting and partnering with our global business from the backline, being a strategic advisor within your specialist area, and ensuring the business runs smoothly and efficiently. We all have a role to play in defending ourclients; and this is yours.