The Boeing Company Information Security Adviser in Bristol, United Kingdom
An exciting opportunity has arise for an
Information Security Adviser
to join Boeing Defence UK in
Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence UK (BDUK), including information security and assurance, personnel security, business continuity and counter threat support and risk advice.
BDUK is seeking an experienced Information Security Adviser to work alongside other Boeing Security Advisers to deliver the security aspects bringing a new aircraft platform into service.
The role will be expected to: design and produce a Risk Management and Accreditation Document Set (RMADS) and other supporting security artefacts for an aircraft platform made up of numerous interlinked systems; work with system engineers to prepare for the accreditation; organise security testing of the systems, and; liaise with the accreditor to enable programme execution.
The post holder will also have experience of accreditation and management of international communications networks. Post initial operating capability the role will be integral to maintaining the continued authority to operate by maintaining the Information Security Management System throughout the Sustainment phase of the programme.
Identifying security risks within complex air/ground computer and information systems and developing for implementation, effective and risk balanced security measures.
Ensure Supply Chain Security Assurance through application of the Defence Cyber Protection Partnership (DCPP) and other relevant standards and policies.
Providing security documentation and evidence to meet HMG (MOD) security accreditation requirements.
Liaison with customers, accreditors and technical authorities, including attendance at Security Working Groups.
Performing security analysis of operational environments, threats, vulnerabilities and internal interfaces to define and assess compliance to accepted industry and government standards
Contributing to the development of information governance and risk management structures and processes.
Assisting in the integration of information assurance activities with the system engineering, design and manufacturing elements of new business ventures and programmes.
Engaging with stakeholders, the engineering team and sub-contractors to provide direction, guidance and support on acceptable and balanced information security solutions.
Developing business and user focused security policies, procedures, processes and operational guidance for the compliant delivery of customer information security requirements.
Maintaining knowledge of technology development (both hardware and software), threat actors, tools and techniques and the risk implications for information security.
Ideally qualified to degree level (or equivalent) or with substantial relevant information security experience, particularly within a similar role in UK Government or Defence.
Relevant industry security certifications would be advantageous (e.g. CCP (Ex-CLAS), CISSP, CISM).
Knowledge and understanding of MOD and Government information security policy, standards and guidance.
Experience of assuring IT systems in a secure government environment (MOD)
Understanding of systems and security verification, validation, testing and evaluation approaches, including HMG Information Assurance schemes and processes.
Knowledge and understanding of CESG CAPS and CPA processes and evaluations.
Experience in generation of information security Risk Assessments, Risk Treatment Plans and Risk Management and Accreditation Documents.
Experience in the specification and development of effective and balanced information assurance solutions or approaches.
Ability to analyse the security aspects of business risks
Pragmatic approach to the recommendation of security controls.
Ability to plan, prioritise and manage own workload with limited day-to-day supervision, but know when to seek assistance/escalate.
Experience of working within a multinational matrix management environment/ structure and a large-scale, complex international organization, but also within small teams, would be highly advantageous.
Experience of working with and accrediting an aircraft platforms and communication networks
Information assurance experience across the Systems Engineering, Development Lifecycle would be preferred.
Experience of participating in developing security solutions in response to customer requirements.
Detailed understanding of data protection controls and practices.
Knowledge of computer security audit and investigative techniques is desirable.
Effective written and verbal communication skills with ability to adapt depending on audience; ability to explain technical issues in simple language to non-technical consumers is essential.
Ability to contribute to cost, schedule adherence, and technical performance trade-offs.
Clear task focus with ability to separate out and communicate key elements from extraneous detail.
The successful applicant must have an active, or be eligible to obtain, Developed Vetting level (DV) UK Security Clearance.
This role is subject to contract award.
Please apply asap for this role as recruitment may commence before the end date
Important information regarding this requisition: This requisition is for a locally hired position in the UK. CANDIDATES MUST HAVE CURRENT LEGAL AUTHORIZATION TO WORK IMMEDIATELY IN THE UNITED KINGDOM. BOEING WILL NOT ATTEMPT TO OBTAIN IMMIGRATION AND LABOR SPONSORSHIP FOR ANY APPLICANTS. Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.
PLEASE NOTE: The successful candidate will be expected to undergo a SECURITY CHECK/CLEARANCE
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.