Information Security Officer (Assurance)

Employer
BAE Systems Digital Intelligence
Location
Amersham, Gloucester, Guildford, Leeds, London, UK Home, Client Site United Kingdom - Buckinghamshire, Client Site United Kingdom - Greater Manchester, Client Site United Kingdom - Midlands, Coventry-CS, London-CS, Milton Keynes-CS, Great B
Salary
Competitive
Closing date
11 Sep 2022

View more

Sector
Defence , Engineering, IT
Job Role
Security Consultant
Job Type
Permanent
You need to sign in or create an account to save a job.

Job Details

BAE Systems Digital Intelligence

Role Profile

1. Role Details

Job Role

Information Security Assurance Officer

Reports To

(job role)

Information Security

Assurance Lead

Business Unit/

Capabilities/Function

Office of the MD

Sub Group/

Practice

Information Security Team

Grade

F04

Date

June 2022

2. Role Purpose (recommended 1 paragraph)

Information Security (InfoSec) is expected to enhance business effectiveness, reduce risk exposure and certify that controls are in place to assure the confidentiality, integrity and availability of information flow, both internally and externally.

InfoSec team members work in collaboration with Programme and Project Managers, Technical Architects, Business Analysts and specialist teams (Procurement, Engineering, CloudOps, Networking, Infrastructure).

As Information Security Assurance Officer (ISAO), you will be working within the InfoSec function to provide and promote Assurance and Operational based support in line with established policy and procedure with a broad demonstrable knowledge and experience across Information Security frameworks, governance, technologies and tools.

An ISAO will provide integration support, operating in collaboration with the InfoSec team by taking the product/service/application from conception to production, handle direct approaches from the business as well as undertake monitoring and reporting duties.

It is expected that InfoSec team members are able to demonstrate, articulate and illustrate to stakeholders, management and colleagues, as to why or how proposed security controls are necessary and the value they add to solutions.

3. Core Duties / Key Accountabilities (recommended 10-12 points)
  • Support the Information Security Assurance function in the assessment of designs and various work packages, plus collaborate with Project teams to ensure deliverables are met in line with security procedures and adopted best practise.
  • Promote the InfoSec requirements within the company and work to improve security outcomes.
  • Assist in providing Information Security supplier assessments, service/application reviews and in the completion of data compliance activities on the commercial estate; in-house or Cloud based.
  • Support in the assessment of risk and ongoing management of risk.
  • Assist in activities to maintain compliance with Digital Intelligence (DI) policy, BAE Systems Global and International (ISO) standards, Cloud and Cyber frameworks, in addition to Cyber Essentials and other associated legal, regulatory and company controls.
  • Support the head of function in the provision of security awareness programmes for the company.
  • Assist in the collation of master records of all Information Security related incidents to provide reporting and on-going metrics for trend analysis to drive security strategies.
  • Support the head of function in providing regional information security support and services.
  • Provide support to other InfoSec team members, balancing workloads and sharing knowledge.
  • Adopt responsibilities as directed by the Head of Information Security.
  • Promote and ensure BAE Systems Behaviours.

Budget Holder Responsibility (if applicable):
  • N/A

Vendor Management Responsibility (if applicable):
  • Liaison with Procurement team.
  • Liaison with main IT service providers.
  • Liaison with Project teams collectively and individuals team members separately.

Direct Reports (if applicable):
  • N/A

Accountable for overall headcount of (if applicable):
  • N/A


4. Functional Knowledge (Requirements for knowledge of functional work and activities, the technical expertise)

Requirements:
  • Experience of Information Security and Cloud frameworks/regulations, such as:
  • ISO / CSA / CIS / OWASP / NIST / ISO 27001
  • Working knowledge and experience in performing data security, data privacy discussions, reviews, and IT/security audits.
  • Data security or security architecture and engineering experience; in-house or Cloud.
  • Ability to work within matrixed resources in a team environment, possessing strong organisational, time management and diplomacy skills.
  • Independent tasking and project completion with minimal supervision is a must
  • Analytical and problem-solving skills as well as interpersonal skills to interact with users, team members and senior management/stakeholders.
  • Progressing experience with increasing responsibilities within Information Security Department.


Please note to be considered for this position you must be eligible for UK Security Clearance

Whilst we are operating on a Hybrid working pattern there will be a requirement to visit our offices for regular meetings in Guildford, London and Gt Baddow in line with business requirements

Desirable Qualifications:
  • Desirable certifications include recognised professional security qualification/membership such as CompTIA or equivalent with capability to obtain CISSP, CCSP, CCSK.
  • Excellent communications and documentational skills.
  • Ability to obtain Developed Vetting National Security Clearance.
  • UK National status.


5. Business Expertise (Requirements of the role for knowledge and expertise about the business, rather than the technical expertise)
  • Understanding key client roles and relationships.


6. Leadership (Requirements of the role for providing leadership and guidance to others, complexity of team(s) managed)
  • Direction and support of BAE Systems Digital Intelligence employees, providing security expertise and guidance.


7. Problem Solving (Breadth of mental skills required in order to perform the role)
  • Applying policies to ensure personnel, infrastructure, information, and assets are secure.
  • Ability to identify and effectively communicate business related security risks.


8. Nature of Impact (Impact on business by detailing the overall responsibility associated with the role)
  • Responsible for ensuring continual compliance in line with Assurance activities.


9. Area of Impact (Business area impacted Delivery/Functional)
  • Entire DI Estate, including personnel, infrastructure (on-premises and cloud estate), information, and assets.


10. Interpersonal Skills (Type of people skills required to perform the job, internal/external)

Experience with world cyber issues gained from working with the balance of business system availability and ongoing security.

A thorough understanding of all layers of IT infrastructure and how security principles apply to them.

Significant experience working with ISMS.

Experience with, but not limited to, cryptography, cloud security, identity and access management, security governance, threat landscape.

Working knowledge of the Cyber Kill Chain and Incident Response phases.

Ability to take a risk-based and pragmatic approach on activities to organise, prioritise and action team tasks through to a rapid conclusion.

Coaching/Mentoring team members in security techniques and best practice.

Key Interpersonal Skills
  • Able to work on own initiative with minimum supervision.
  • Ability to communicate effectively across a variety of internal and external stakeholders.
  • An ability to manage time and commitments.
  • Drive to develop and maintain key relationships with Business Division and Function managers to fully understand their operational drivers and requirements.
  • Ability and presence to liaise effectively with national security agencies in the UK.


Life at BAE Systems Digital Intelligence

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

About BAE Systems Digital Intelligence

BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Launched in 2022, Digital Intelligence is part of BAE Systems, and has a rich heritage in helping to defend nations and businesses around the world from advanced threats.

Division overview: Functions

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and the business could not operate without all the dedicated work of our Functions teams. From Finance & Operations through Communications & Marketing, to HR and Site Operations and more, our Functions teams enable our divisions to implement ground-breaking digital transformations and crucial defence software.

As part of Functions, you will be supporting and partnering with our global business from the backline, being a strategic advisor within your specialist area, and ensuring the business runs smoothly and efficiently. We all have a role to play in defending our clients; and this is yours.

Company

BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Launched in 2022, Digital Intelligence is part of BAE Systems, and has a rich heritage in helping to defend nations and businesses around the world from advanced threats.

Find Us
Location
Guildford, Surrey
GB
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert