Principal Engineer – Product Security (Analyst)

at  BAE Systems

Job Title: Principal Engineer – Product Security (Analyst)
Location: Coventry. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.
Salary: Competitive

YOUR SKILLS AND EXPERIENCES:

Essential:

• Degree (or equivalent experience) in a relevant STEM subject or Information Security related
• Recognised Industry Security Qualifications, e.g. CCP, CISSP, CISM (or able to achieve)
• Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001)
• Significant experience with using security baselines, mitigations and controls
• Engineering background and or strong familiarity with a life cycle phased approach

Desirable:

• Experience of Product Security activities in the defence, maritime or closely linked domain
• Experience of MOD Policies and regulations such as SPF, JSP 440 and JSP604 and production of Risk Management Accreditation Document Set (RMADS)
• Knowledge of the challenges affecting security of Operational Technologies/ Industrial Control Systems and approaches to secure them
• Project Management exposure

• As a Cyber Security and Resilience specialist you will work directly with electrical, mechanical and nuclear systems engineers to identify security risk and set security controls for their systems
• As a Security Lead for the Product, develop and implement an effective Cyber Security Strategy, ensuring alignment with industry best practice and business process. Using this strategy develop and deliver the Product Security Case
• Liaise with key internal and external stakeholders to shape future Product Security Policy for the Product and provide assurance to the customer through regular SWG
• Produce test plans-and schedules together conducting informal and formal cyber security testing
• Support engineering gated reviews and design assurance activities