Cyber systems engineer - 1065 - united kingdom, cheltenham, gloucestershire

cyber systems engineer (fixed term contract - 6 months) - hybrid working pattern

my international client is a market leader in the defence sector especially relating to various naval projects. they are looking to recruit a cyber systems engineer for at least 6 months with the option to extend. as projects are uk eyes only you need to already have sc security clearance.

key responsibilities

collaborate with engineering teams and other information security professionals to ensure strong and effective controls are in place to detect and mitigate risks across on-prem and cloud environments to meet business needs and regulatory requirements

perform technical planning, system integration, verification and validation, balancing cost and risk, and supportability and effectiveness analysis across total systems

work collaboratively on multiple concurrent projects, ensuring project and bau activities remain compliant with iso20000 & iso27001

perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives

ensure the logical and systematic conversion of security requirements into systems solutions that best mitigate cyber risks within the acknowledged technical, schedule and cost constraints, including activities such as:

secure proxy engineering

firewall policy management

messaging security engineering

remote access engineering

intrusion prevention engineering

network access compliance engineering

public key technologies

active directory services

analyse and provide recommendations for improvements to and enhancements of in-house and external platforms, systems and tools

development of system design artefacts in accordance with established architecture frameworks

support the global team in processing and mitigating cyber threat actor activity

collaborate effectively with information security analysts to co-ordinate a multi-tiered approach to cyber threat mitigation to deny current and future adversary actions

undertake analytical duties in a secondary role to include host- and network-based log analysis, correlation of network threat indicators and pcap data, analytical triage, incident response and vulnerability scanning

research and draft cybersecurity white papers as required, presenting findings to both technical teams and management

preferred experience

in-depth understanding and substantial application of cyber security methodologies

experience in consulting and or working in a complex enterprise environment

a proven track record of designing and developing secure solutions that meet customer requirements

experience performing risk assessments of both internally and externally hosted solutions

experience with iso20000, iso (phone number removed), gdpr, hmg security policy framework, cyber essentials, mcss, etc.

experience with network architecture, osi model, and networking protocols

experience with network security and penetration testing

experience in creating and deploying cloud infrastructure solutions

knowledge of compliance regulations in uk, france, germany, italy, and other european standards

knowledge of risk management industry principles, including use of a risk-based approach

hands on validation of security control implementation

institute security engineering concepts that, balance cost and risk, and supportability and effectiveness analysis across total systems

work collaboratively on multiple concurrent projects with various program and technical stakeholders

perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives

experience of conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations

experience with analysis and forensic tools used in a soc or similar investigative environment

penetration testing experience

knowledge and/or experience in one or more of the following technologies: ad/dns, patch management, pki, hbss, acas, vmware products, splunk

familiarity in the risk management framework (rmf) cybersecurity lifecycle

experience of uk and european government working practices and proposals

carbon60, lorien, srg - the impellam group stem portfolio is acting as an employment business in relation to this vacancy

More jobs