Job Description

Product Security - Information Risk, RMADS, Strategy

A Product Security Engineer with Information Risk, RMADS and Strategies is required to work on a twelve month contract, with the possibility of extension for our Defence client based in Weymouth

This is a contract within the Naval Defence Industry.

Overview of the Product Security contract roles

Job Description

The PSA Principal Engineer will be a focal point for security and information risk matters within the Product Security Engineering (PSyE) team and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed and supported through-life. They will be able to support the appropriate authorities/management to ensure the delivered solutions meet the specified contractual and regulatory requirements and can be operated securely, correctly and safely. They will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance.

The PSA Principal Engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk management, to be able to identify, analyse and evaluate information risks. They will be able to speak knowledgably and credibly with customer, user and internal stakeholders to explain the causes of information risks, their likelihood and potential operational and business impacts. They will be able to document and present risk management options to the business and participate in discussions.

The PSA Principal Engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies.

Responsibilities

The PSA Principal Engineer will be responsible for, or provide input to the following typical key deliverables, dependent on the role and the place the project is in the engineering lifecycle:

  • Risk Management Accreditation Document Set (RMADS).
  • Security Strategy and other accreditation documentation
  • Captured and agreed technical requirements in accordance with company and programme processes.
  • Compliant technical solutions against contractual requirements and regulations.
  • Technical input and appropriate consideration of product security activities and issues for LCM deliverables and Design Reviews, including Sub-Contract Design Reviews.
  • Captured and agreed input to appropriate Verification and Qualification Plans.
  • Specialist advice and contribution to other project documentation, such as Training Needs Analysis (TNA), Technical Publications, Cyber Incident Plans and Operating Instructions (list is not exhaustive).

Key skills required for the Product Security Engineer

The Individual

  • Degree (or equivalent experience) in a relevant STEM subject or Information Security related.
  • Holds NCSC CCP SIRA status (or able to achieve)
  • Good understanding of information security principles and is able to advise on the potential impact to Product Systems.
  • Experience of Product Security Engineering activities in the defence, maritime or closely linked domain.
  • Knowledge of security related activities required to support the engineering lifecycle with experience of operating in the phase relevant to the role.
  • Proven experience of assessing and managing information risk in line with industry good practice.
  • Experience of assessing and advising on controls to support Product Safety.
  • Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar).
  • Supports and contributes to information security professional bodies and industry forums.
  • Can demonstrate experience of mentoring and/or providing support to others.
  • Is a member of a professional institute
  • Can demonstrate continuous improvement, professional development and awareness of current industry good practice.

The role is based in Weymouth, Dorset - commutable from Dorchester, Poole, Bournemouth, Christchurch, Blandford Forum, Bere Regis, Bovington, Sherborne, Yeovil, Crewkerne, Honiton, Axminster, Lyme Regis and Bridport

If you are a Product Security Engineer looking for a new contract either apply online or if would like to find out about other opportunities please contact Paul Scott on pscott@outsource-uk.co.uk or phone 0161 694 9198

Do you know anyone who might be looking for a new role? You could benefit from our candidate referral scheme. Contact me on the above contact details for more information.

Outsource UK - Curating Specialist Talent

We're one of the largest independent staffing companies in the UK, focussed on Technology, Change and Engineering talent. For over 30 years we have been taking care of everything for jobseekers and clients alike. We pride ourselves on listening to your needs and working closely with you to find the right role or hire for you.

Outsource - taking care of everything

Ready to Start?

Apply now
Outsource - taking care of everything