Security Consultant

at  BAE Systems

LOCATION(S): UK, EUROPE & AFRICA : UK : GLOUCESTER || UK, EUROPE & AFRICA : UK : GREAT BADDOW || UK, EUROPE & AFRICA : UK : GUILDFORD || UK, EUROPE & AFRICA : UK : LEEDS || UK, EUROPE & AFRICA : UK : LONDON || UK, EUROPE & AFRICA : UK : LONDON-CS || UK, EUROPE & AFRICA : UK : MANCHESTER || UK, EUROPE & AFRICA : UK : NR- LONDON || UK, EUROPE & AFRICA : UK : PRESTON || UK, EUROPE & AFRICA : UK : UK HOME

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

BAE Systems Digital Intelligence has been contracted to deliver a National Cyber Security Programme in the Middle East as a client side strategic advisor. This is an exciting opportunity to join a best of breed capability delivery team that will deliver a National Programme to enhance a Nations Cyber Security posture. . The role is initially based in the Middle East on assignment for 11 months so there are no options for hybrid working as the majority of time will be spend on client site. Following the initial project the candidate will remain in out international business unit supporting both sort and long-term engagements that range from a few weeks to several months.

• Lead cybersecurity risk assessments, ensuring that risks are identified, evaluated, and appropriate mitigation strategies are developed and delivered.
• Develop a comprehensive understanding of client estates and identify security weaknesses against international standards such as ISO27001 and NIST and develop and produce security improvement plans the BAE Systems business and IT/OT estate, working with various security and threat teams to help prioritise and categorise systems based on their risk
• Develop and maintain the company’s cyber risk management strategy in alignment with industry best practice and regulatory requirements
• Collaborate with senior stakeholders to ensure the cyber risk management programme supports business objectives and operational needs
• Establish and maintain relationships with key stakeholders across the organisation, promoting a culture of cyber security risk awareness
• Create and set-up GRC tools to track and standardise approach to risk assessments and the ongoing management of security improvement plans.
• Lead small and dedicated team of between 2 and 6 people and plan all activities and deliver contractual to the required quality, time and cost parameters. Conduct analysis of information risks at a system, platform or organisational level, including assessment of risk, identification of options for mitigation, and assessment of compliance with control

Experience

• Ability to articulate security advice, often at a technical level, directly to key customer stakeholders
• Excellent interpersonal skills as well as both written and verbal communication and presentation skills
• You will be confident tackling problems and crisis situations, inspiring confidence in the team.
• Proven ability to effectively lead multiple streams and/or deliverables with responsibility for delivering to plan.
• Ability to prioritise workload, work well under pressure and concurrently manage both customer and BAE Systems expectations
• You will have experience in a relevant commercial industry such as financial Robust understanding of risk management theory and frameworks (NIST, ISO)
• Previous experience working in large, internationally distributed and complex organisations
• Ability to manage and influence a wide range of senior stakeholders effectively
• Ability to effectively write reports and present to a high level
• CISSP, CRISC, CISM or other advanced cyber security certification

DIVISION OVERVIEW: CAPABILITIES

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector.
As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours

• Lead cybersecurity risk assessments, ensuring that risks are identified, evaluated, and appropriate mitigation strategies are developed and delivered.
• Develop a comprehensive understanding of client estates and identify security weaknesses against international standards such as ISO27001 and NIST and develop and produce security improvement plans the BAE Systems business and IT/OT estate, working with various security and threat teams to help prioritise and categorise systems based on their risk
• Develop and maintain the company’s cyber risk management strategy in alignment with industry best practice and regulatory requirements
• Collaborate with senior stakeholders to ensure the cyber risk management programme supports business objectives and operational needs
• Establish and maintain relationships with key stakeholders across the organisation, promoting a culture of cyber security risk awareness
• Create and set-up GRC tools to track and standardise approach to risk assessments and the ongoing management of security improvement plans.
• Lead small and dedicated team of between 2 and 6 people and plan all activities and deliver contractual to the required quality, time and cost parameters. Conduct analysis of information risks at a system, platform or organisational level, including assessment of risk, identification of options for mitigation, and assessment of compliance with contro