Helping clients clearly understand their exposure to cyber security threats/risks and put in place pragmatic and cost effective controls. Identify, manage and treat risk to a client's information and information technology assets.
Progression from this role may be into any of the three other Cyber roles: Enterprise Security Consultant; Security Architecture Consultant; or Technical Security Consultant.Core Duties/Key Accountabilities Accountabilities
Skills and Knowledge Required Professional Skills:
- Understanding business and information risk context (typical business drivers, cyber security threats and implementation challenges) of our customers
- Judge risk at a technical and business process level and clearly articulate both verbally and in writing to key stakeholders
- Reviewing effectiveness of controls (in relation to known controls frameworks as appropriate) and proposing proportionate security improvements
- Analysing and researching security technologies to support the development of innovative solutions
- Assesses risk at the business function or process level
- Translates proficiently framework controls into business requirements in straightforward situations
- Leads client interviews or small investigations to determine business impact
- Conducts site security visits and environmental security assessments
- Applies standard frameworks or relevant BAE Systems IPR/standard approaches
- Leads the creation of risk assessment/reports
- Works with account teams to identify new opportunities for work and support the production of quality proposals
- Ability to articulate and pitch security advice, often at a technical level, directly to key customer stakeholders
- Excellent interpersonal skills as well as both written and verbal communication and presentation skills
- Ability to prioritise workload, work well under pressure and concurrently manage both customer and BAE Systems expectations
- Experience working within Financial Services, ideally banking or insurance
- Threat modelling
- Practical understanding of technical aspects of cyber security (e.g. vulnerability management, penetration testing, protective monitoring)
- Experience with toolsets including Qualys, RiskSense and ServiceNow would be highly desirable
- Understanding of regulatory requirements such as CBEST and TIBER
The ability to obtain security clearance (SC) is highly desirable but is not essential.Life at BAE Systems Applied Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.
Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Applied Intelligence
We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.Division overview: Government
At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating.
As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.