Job Description

Location: Gloucester (minimum of 2 days per week onsite)

Duration: 6 month initial contract OR permanent

(Inside IR35)

Role

Our client, a leader in the Defence & Security sector, is seeking a Lead System Security Engineer with eDV Clearance to join their team in Gloucester. This role is available as both a permanent position and on a contract basis, with a requirement to work on-site for at least two days per week.

Key Responsibilities:

Ensure programme information assets are protected through policy, procedural, and technical enhancements.

Act as a trusted advisor to the programme to ensure industry best practice and customer security requirements are met.

Lead small consultancy engagements and provide clear, evidence-based reports.

Formulate, record, and manage risk effectively.

Decompose security requirements and understand their implications.

Implement Information Assurance (IA) measures to protect and defend information systems.

Apply knowledge of security architecture, PERSEC (personal security), and Cyber Security principles.

Job Requirements:

Forward facing (used to talking to/chairing meetings with customers at a senior level)

Understanding of formulating, recording and managing risk

Understands security requirements and how to decompose them

Knowledge of Information Assurance (IA) processes and procedures

Understanding/experience of Secure by Design

Understanding/experience of waterfall and agile methodologies

Understanding how obsolescence impacts Information Assurance

Supporting the development of Risk Management Framework documents and controls

Preferred Skills:

Worked with MOD or other similar agencies

Experience/understanding of Cryptography including processes and procedures

Experience of assessment of systems in a non-standard environment

Experience of being on a Bid team

Understanding of simulated environments (eg actual vs dummy datasets)

Working knowledge of ISO 27001 or equivalent standards

Working knowledge of NIST Risk Management Framework

Hold a current professional Information Security certification or qualification (e.g. CISSP, CISM, CRISC, BCS CITP)

DV clearance, or the willingness and ability to become DV cleared

Ability to work within a fast-paced environment

Demonstrable knowledge of HMG Security Policy Framework, ISO 27001 and NIST Risk Management Framework.

Benefits:

Opportunity to work in a fast-paced and dynamic environment.

Professional development and training opportunities.

Access to a comprehensive employee benefits package.

If you have experience in systems engineering and information security and hold a current eDV clearance, we would love to hear from you. Apply now to join our client's team in Gloucester