Principal Cyber Security Engineer

Job Title: Principal Cyber Security Engineer
Location: Barrow-In-Furness – We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.
Salary: Negotiable, depending on experience

What you’ll be doing:

• Manage and deliver a Submarines Business Unit Product Security Assurance Audit schedule within the scope of EPAD
• Be able to plan and manage work concurrently across multiple security work programmes
• Be able to select appropriate Product Security Assurance techniques which are consistent and repeatable for use across a programme
• Represent the EPAD at Design Reviews and other various engagements, to ensure that Product Security is appropriately considered at each stage of the design lifecycle
• Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness
• Ensure that Product Security activities within a programme, a project, system or equipment, are delivered and managed using recognised techniques and in accordance with the Submarines Product Security Management System (PsecMS)
• Provide regular updates on assurance status/progress in accordance with programme/project specific reporting cycles

Your skills and experiences:
Essential:

• Degree (or equivalent experience) in a relevant STEM subject or Information Security related.
• Relevant Professional certification such as CISSP, CISM or CCP
• SIRA status (or able to achieve)

• Experience in Cyber Security in relation to DEFCON 658, DEFSTAN 05-138, MOD Accreditation/Secure by Design
• ISO 27001 Lead Auditor or Implementer

Benefits:
We offer a competitive pension scheme, employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts – you may also be eligible for an annual incentive.

The Product Security Assurance Principal Engineer will be a focal point for security and information risk matters within the Engineering Product Assurance Department (EPAD). They will have Governance, Risk and Compliance (GRC) subject matter expertise and will be responsible for development of the strategy within the scope of EPAD.

Why BAE Systems?
This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values thought, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential.

We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any clearance you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must achieve Baseline Personnel Security Standard as a minimum. Many roles also require higher levels of Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.