Cyber Systems Engineer (Fixed Term Contract – 6 months) – Hybrid Working Pattern My international client is a market leader in the defence sector especially relating to various naval projects. They are looking to recruit a Cyber Systems Engineer for at least 6 months with the option to extend. As projects are UK Eyes only you need to already have SC Security Clearance. Key responsibilities · Collaborate with engineering teams and other information security professionals to ensure strong and effective controls are in place to detect and mitigate risks across on-prem and cloud environments to meet business needs and regulatory requirements · Perform technical planning, system integration, verification and validation, balancing cost and risk, and supportability and effectiveness analysis across total systems · Work collaboratively on multiple concurrent projects, ensuring project and BAU activities remain compliant with ISO20000 & ISO27001 · Perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives · Ensure the logical and systematic conversion of security requirements into systems solutions that best mitigate cyber risks within the acknowledged technical, schedule and cost constraints, including activities such as: · secure proxy engineering · firewall policy management · messaging security engineering · remote access engineering · intrusion prevention engineering · network access compliance engineering · public key technologies · active Directory services · Analyse and provide recommendations for improvements to and enhancements of in-house and external platforms, systems and tools · Development of system design artefacts in accordance with established architecture frameworks · Support the global team in processing and mitigating cyber threat actor activity · Collaborate effectively with information security analysts to co-ordinate a multi-tiered approach to cyber threat mitigation to deny current and future adversary actions · Undertake analytical duties in a secondary role to include host- and network-based log analysis, correlation of network threat indicators and PCAP data, analytical triage, incident response and vulnerability scanning · Research and draft Cybersecurity white papers as required, presenting findings to both technical teams and management Preferred Experience · In-depth understanding and substantial application of cyber security methodologies · Experience in consulting and or working in a complex Enterprise environment · A proven track record of designing and developing secure solutions that meet customer requirements · Experience performing risk assessments of both internally and externally hosted solutions · Experience with ISO20000, ISO 270001, GDPR, HMG Security Policy Framework, Cyber Essentials, MCSS, etc. · Experience with network architecture, OSI model, and networking protocols · Experience with network security and penetration testing · Experience in creating and deploying cloud infrastructure solutions · Knowledge of compliance regulations in UK, France, Germany, Italy, and other European standards · Knowledge of risk management industry principles, including use of a risk-based approach · Hands on validation of security control implementation · Institute security engineering concepts that, balance cost and risk, and supportability and effectiveness analysis across total systems · Work collaboratively on multiple concurrent projects with various program and technical stakeholders · Perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives · Experience of conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations · Experience with analysis and forensic tools used in a SOC or similar investigative environment · Penetration testing experience · Knowledge and/or experience in one or more of the following technologies: AD/DNS, Patch Management, PKI, HBSS, ACAS, VMware products, Splunk · Familiarity in the Risk Management Framework (RMF) Cybersecurity Lifecycle · Experience of UK and European Government working practices and proposals
Carbon60, Lorien, SRG – the Impellam Group STEM Portfolio is acting as an Employment Business in relation to this vacancy.
