Cyber systems engineer - 1065 - united kingdom, cheltenham, gloucestershire
cyber systems engineer (fixed term contract - 6 months) - hybrid working pattern
my international client is a market leader in the defence sector especially relating to various naval projects. they are looking to recruit a cyber systems engineer for at least 6 months with the option to extend. as projects are uk eyes only you need to already have sc security clearance.
key responsibilities
collaborate with engineering teams and other information security professionals to ensure strong and effective controls are in place to detect and mitigate risks across on-prem and cloud environments to meet business needs and regulatory requirements
perform technical planning, system integration, verification and validation, balancing cost and risk, and supportability and effectiveness analysis across total systems
work collaboratively on multiple concurrent projects, ensuring project and bau activities remain compliant with iso20000 & iso27001
perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives
ensure the logical and systematic conversion of security requirements into systems solutions that best mitigate cyber risks within the acknowledged technical, schedule and cost constraints, including activities such as:
secure proxy engineering
firewall policy management
messaging security engineering
remote access engineering
intrusion prevention engineering
network access compliance engineering
public key technologies
active directory services
analyse and provide recommendations for improvements to and enhancements of in-house and external platforms, systems and tools
development of system design artefacts in accordance with established architecture frameworks
support the global team in processing and mitigating cyber threat actor activity
collaborate effectively with information security analysts to co-ordinate a multi-tiered approach to cyber threat mitigation to deny current and future adversary actions
undertake analytical duties in a secondary role to include host- and network-based log analysis, correlation of network threat indicators and pcap data, analytical triage, incident response and vulnerability scanning
research and draft cybersecurity white papers as required, presenting findings to both technical teams and management
preferred experience
in-depth understanding and substantial application of cyber security methodologies
experience in consulting and or working in a complex enterprise environment
a proven track record of designing and developing secure solutions that meet customer requirements
experience performing risk assessments of both internally and externally hosted solutions
experience with iso20000, iso (phone number removed), gdpr, hmg security policy framework, cyber essentials, mcss, etc.
experience with network architecture, osi model, and networking protocols
experience with network security and penetration testing
experience in creating and deploying cloud infrastructure solutions
knowledge of compliance regulations in uk, france, germany, italy, and other european standards
knowledge of risk management industry principles, including use of a risk-based approach
hands on validation of security control implementation
institute security engineering concepts that, balance cost and risk, and supportability and effectiveness analysis across total systems
work collaboratively on multiple concurrent projects with various program and technical stakeholders
perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives
experience of conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations
experience with analysis and forensic tools used in a soc or similar investigative environment
penetration testing experience
knowledge and/or experience in one or more of the following technologies: ad/dns, patch management, pki, hbss, acas, vmware products, splunk
familiarity in the risk management framework (rmf) cybersecurity lifecycle
experience of uk and european government working practices and proposals
carbon60, lorien, srg - the impellam group stem portfolio is acting as an employment business in relation to this vacancy
Apply to this job now Report abuse