Cyber Risk & Assurance Assessor at BAE Systems
United Kingdom
Full Time


Start Date

Immediate

Expiry Date

20 May, 26

Salary

65000.0

Posted On

19 Feb, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cyber Security Assessments, Audits, Risk Assessments, IT Systems, OT Systems, Risk Remediation, Penetration Tests, Technical Surveillance Counter Measures, Cyber Capability Development, Training, Security Policy, NIST 800-53, Risk Management Methodologies, Cyber Risk Management, Security Assurance, Vulnerability Analysis

Industry

Defense and Space Manufacturing

Description
Job Title: Cyber Risk & Assurance Assessor
Salary: Up to £65,000 dependent on skills and experience
Location: Scotstoun - We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role

What you’ll be doing:
Delivery of Cyber Security Assessments/Audits against internal control framework
Conduct Risk Assessments of IT and OT systems with the business stakeholders
Manage risk remediation activities to within risk tolerance
Co-ordinate penetration tests of systems in your scope as per the penetration testing schedule
Support delivery of sweeps using Technical Surveillance Counter Measures (TSCM) equipment
Support the business to develop cyber capability through the delivery of training
Coach other team members and wider IT on Cyber security controls and best practice
Support cyber security awareness via events and other activities in the business

Your skills and experiences:

Essential:
In-depth knowledge of industry standard security policy, standards (preferably NIST 800-53) and good practice guidance and their application to a variety of IT solutions processing protectively marked information.
IT Security assurance experience, dealing with security risk, requirements, technologies and architectures.
Experience in risk management and the application of risk management methodologies, as well as in-depth knowledge of cyber risk management: threats, vulnerabilities and risk mitigation techniques
Experience of conducting cyber security audits or assessments of systems against comprehensive cyber security standards

Desirable:
CISSP, CISA/CISM or ISO27001 certification
Experience with Operational Technology

Benefits:
As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive.

The Cyber Assurance Team:
Join a growing team where you’ll take ownership of core cyber assurance activities. You will deliver cyber security assessments to ensure IT and OT systems are secure and have effective Cyber controls, measure and manage cyber risk, and oversee penetration testing and vulnerability analysis to drive mitigation actions. To be able to do this effectively you will work closely with stakeholders throughout the business whilst promoting security, and build emerging cyber capabilities — including developing your skills in TSCM technologies.

Why BAE Systems?
This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

Closing Date: 5th March 2026
We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
Responsibilities
The role involves delivering Cyber Security Assessments and Audits against internal control frameworks, conducting risk assessments for IT and OT systems with stakeholders, and managing risk remediation activities to stay within tolerance. Additionally, the assessor will coordinate penetration tests and support the delivery of sweeps using Technical Surveillance Counter Measures (TSCM) equipment.