Candidates: Create an Account or Sign In
You will act as the security expert for product development, encompassing elements of cyber security, and will provide key expertise in integration, test, and compliance activities.
Key Responsibilities:
Acting as the company expert for all matters of product-related cyber security, ensuring confidentiality, integrity, availability, and reputation are maintained
Supporting the development and maintenance of company security policies
Managing the company Information Security Management System (ISMS)
Consulting across development projects, including reviews, risk analysis, and identification of mitigation activities
Executing risk treatment plans following security risk assessments to ensure appropriate and managed security controls
Participating in customer working groups as needed
Negotiating and ensuring compliance with customer security requirements
Owning and reviewing security documentation
Managing security assessments and IT Health Checks (ITHCs) during product development
Defining security test strategies and conducting verification and compliance assessments
Contributing to and presenting at design reviews
Job Requirements:
Proficiency in security standards applicable to cyber security-related products
Ability to perform vulnerability analysis, assess, and manage risks
Capability to verify and enforce compliance with all security requirements through ISMS audits and verification campaigns
Ability to produce high-quality documentation that serves as the foundation of security architecture design and verification
Strong communication skills across all levels of the organisation, as well as with customers and suppliers
Ability to work effectively independently or as part of a team, in both leadership and supporting roles
Understanding of UK NCSC guidelines and secure by design principles relevant to UK MOD
DV or SC Clearance as relevant for 2023 or 2024
Qualifications and Experience:
Experience in the industry
Knowledge of ISO/IEC 27000 standards, including ISMS and information security risk management
Experience in avionics and/or defence industries advantageous
Knowledge of information security techniques relevant to communication systems or the Internet beneficial
Experience with ITHC beneficial, ideally NCSC CHECK penetration testing
Understanding of the NIST Cybersecurity Framework beneficial
Familiarity with UK or US military and government security standards beneficial
Benefits:
Competitive salary
Opportunity to work on a variety of challenging and innovative projects
Professional development and training opportunities
Supportive and collaborative work environment
Comprehensive employee benefits package
If you are a proficient Product Security SME seeking a role that allows you to utilise your expertise in the defence and security sector, we encourage you to apply now and join our client's dynamic and talented team in Buckinghamshire