Lead Information Security Adviser

Company:

Boeing delivers leading-edge platforms technology services and capabilities to bring the best value to the Ministry of Defence and UK national security services.
Employing more than 2100 people Boeing Defence UK provides long-term support for more than 120 Boeing military rotary-wing and fixed-wing aircrafts in the UK. For example the Chinook and Apache helicopters and the Poseidon and C-17 airplanes. Our support ranges from mission critical Logistics Information Services next generation in-flight digital tools to aircraft and operational modelling and simulation methodology.
Leveraging our established defence business in the UK and blending our local expertise with our One Boeing global approach Boeing Defence UK is well positioned to support the UK with its current and future defence and security challenges.

An exciting opportunity has arisen for a Lead Information Security Adviser to join Boeing Defence UK in the support of the Defence Equipment Engineering and Asset Management System (DEEAMS) programme.
Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence UK (BDUK) including information security and assurance personnel security business continuity and counter threat support and risk advice. The successful candidate would be a part of a supportive team of around 26 with access to varied work and opportunities to progress their career alongside the growth of the business. At Boeing were committed to rewarding excellence and fostering an inclusive environment where team members are seen heard valued respected and fully engaged.

The successful candidate will work alongside other Boeing Security Advisers to deliver the security aspects of bringing a new information services solution into service whilst working with both the UK customer and collaborating with external suppliers and other agencies. The role will be expected to: design and produce security artefacts associated with implementing and maintaining the new solution preparing security assurance evidence organise security testing of the systems liaise with the customer and other agencies as required and deliver other programme contractual deliverables as required.

The post holder will also have experience of information security defence security management and defence cyber protection partnership processes. Post initial operating capability the role will be integral to maintaining the continued authority to operate by maintaining the Information Security Management System throughout the Sustainment phase of the programme.

Please note: this role is subject to successful Contract Award. This is an on-site role based in Bristol with flexibility for occasional remote working at the discretion of the management team.

Position Responsibilities:

• Identifying security risks within complex information systems and developing for implementation effective and risk balanced security measures
• Ensure Supply Chain Security Assurance through application of the Defence Cyber Protection Partnership (DCPP) and other relevant standards and policies
• Providing security documentation and evidence to meet HMG (MOD) security assurance requirements
• Liaison with customers Delivery Team Security Leads and technical authorities including attendance at Security Working Groups
• Performing security analysis of operational environments threats vulnerabilities and internal interfaces to define and assess compliance to accepted industry and government standards
• Contributing to the development of information governance and risk management structures and processes
• Assisting in the integration of information assurance activities with the system engineering design and manufacturing elements of new business ventures and programmes
• Engaging with stakeholders the engineering team and sub-contractors to provide direction guidance and support on acceptable and balanced information security solutions
• Developing business and user focused security policies procedures processes and operational guidance for the compliant delivery of customer information security requirements
• Maintaining knowledge of technology development (both hardware and software) threat actors tools and techniques and the risk implications for information security
• Deliver programme security onboarding training to the Boeing programme team
• Provide ad hoc security advice to the Boeing DEEAMS delivery team
• Preferred Qualifications/Education
• Ideally qualified to degree level (or equivalent) OR with substantial relevant information security experience particularly within a similar role in UK Government or Defence
• Relevant industry security certifications would be advantageous (e.g. SC2 Certified in Cyber Security (CC) CISMP CCP (Ex-CLAS) CISSP CISM).
• Knowledge/Competences

Basic Qualifications (Required Skills/Experience):

• Knowledge and understanding of MOD and Government information security policy standards and guidance.
• Experience of assuring IT systems in a secure government environment (MOD)
• Understanding of systems and security verification validation testing and evaluation approaches.
• Experience in generation of information security Risk Assessments Risk Treatment Plans.
• Experience in the specification and development of effective and balanced information assurance solutions or approaches.
• Ability to analyse the security aspects of business risks
• Pragmatic approach to the recommendation of security controls.
• Ability to plan prioritise and manage own workload with limited day-to-day supervision but know when to seek assistance/escalate

Preferred Qualifications (Desired Skills/Experience):

• Experience of working within a multinational matrix management environment/ structure and a large-scale complex international organization but also within small teams would be highly advantageous.
• Experience of working with and assurance/gaining authority to operate information system related platforms and communication networks
• Information assurance experience across Cloud services and Systems Engineering Development Lifecycle would be preferred.
• Experience of participating in developing security solutions in response to customer requirements.
• Experience of SAP or other Enterprise Resource Planning systems.
• Experience of systems rollout and hyper care activities.
• Detailed understanding of data protection controls and practices.
• Knowledge of computer security audit and investigative techniques is desirable.
• Effective written and verbal communication skills with ability to adapt depending on audience; ability to explain technical issues in simple language to non-technical consumers is essential.
• Ability to contribute to cost schedule adherence and technical performance trade-offs.
• Clear task focus with ability to separate out and communicate key elements from extraneous detail.
• Team player with a collaborative working mindsets especially with cross functional teams.
• An independent self-starter with a proactive mindset.

Work Authorisation:

This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants.

Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.

Language Requirements:

Education:

Relocation:

Security Clearance:

Visa Sponsorship:

Contingent Upon Award Program

Shift: