Senior Information Security Officer

Job Title: Senior Information Security Officer

Location: Warton – We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.

Salary: £49,400+ DOE

What you’ll be doing:

• Establish and maintain a strong technical understanding of all applicable corporate, customer and industry Cyber Security Standards
• Develop and maintain all accreditation and assurance material necessary to gain authority/approval to operate
• Undertake regular compliance confirmation audits and vulnerability assessments
• Analyse assessment results, any new or emerging residual risks and provide remedial recommendations to the wider engineering teams
• Communicate effectively both within the team and to the engineering manager, identifying early potential risks, seeking clarification and direction

Your skills and experiences:

Essential

• Possess a broad and comprehensive technical knowledge of IT infrastructure and technologies, with proven specialism in Operational Technology (OT) and engineering systems
• Demonstrate an excellent understanding of government and industry-standard security policies, standards, and best practice guidance, particularly within highly regulated environments
• Bring hands-on experience of working within an IT function and applying expertise in the relevant technical field

Desirable

• Proven experience in managing and delivering key cyber security projects, from initiation through to successful completion, ensuring alignment with organisational objectives and security best practices
• Professional IT Security qualifications such as Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP)
• Experience within the cyber security domain and familiarity with applicable standards, processes and control frameworks. E.g. NIST 800-53, STIGs, Def Stan 05-138, Joint Service Publications and the MoD Secure by Design Process.

Benefits:

You’ll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You’ll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts – you may also be eligible for an annual incentive.

The Synthetic Training Information System Security Team

We have an exciting opportunity for a confident and ambitious Engineer to join the Synthetic Training Information System Security Team. You will be part of the ISSO team, helping to keep BAE’s synthetic training devices, including Typhoon flight simulators, secure and compliant with corporate, customer, and industry standards.

You will work on both existing systems and new developments, carrying out compliance checks, vulnerability assessments, and assurance reviews, while collaborating with ISSO teams at customer locations as part of a wider community of practice. The role is mainly based at Warton, but there will be opportunities to support projects across the UK and abroad.

Full on the job training will be provided so you can quickly get up to speed with our processes, tools, security standards, and product architecture. This is a hands-on role where you can make a real impact on cutting-edge, mission-critical training systems.

Why BAE Systems?

This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.