SC Cleared Product Security Analyst Engineer
KDC are looking for a Product Security Analyst Engineer
for one of our clients who provide some of the world’s most advanced, technology-led defence, aerospace, and security solutions. They search for new ways to provide customers with a competitive edge across the air, maritime, land and cyber domains.
The PSA Engineer will be a focal point for security and information risk matters within the Product Security Engineering (PSyE) team and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed and supported through-life. They will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance and advice and consultancy to design authorities and interested stakeholders.
- Developing Risk Management Accreditation Document Set (RMADs)
- Performing risk assessments using multiple methods including IS1, ISO27001, NIST, Mitre, STRIDE.
- Selection of security controls, providing guidance on implementation and capture of compliance.
- Attendance at Security Working Groups (SWGs), design reviews and gate reviews
- Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices, and awareness.
- Be able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost-effective risk mitigation in the longer term.
- Former CLAS consultant
- Strong experience of developing Risk Management Accreditation Document Set (RMADS).
- Current CISSP or CISM qualification
- Strong background in HMG and MoD Policies, SPF, JSP440, JSP 604, and TEMPEST
- Proven experience of assessing and managing information risk in line with industry good practice.
- Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar). Experience of Product Security Engineering activities in the defence, maritime or closely linked domain.
6 Month contract with potential extension If you are interested in this role, please click applyInside IR35
- Degree (or equivalent experience) in a relevant STEM subject or Information Security related.
- Holds NCSC CCP SIRA status
- Industry Security Qualifications held, CCNP, MS, Comptia, SANS