Principal Engineer - Product Security
Principal Engineer - Product Security (SC Cleared)
Duration: 12 Months
Rate: GBP53,00 per hour LTD
Our Barrow based client have an opportunity for a Product Security Engineer (SC Cleared) to join the team on an initial 12 month contract basis.
The following activities are typical of the work that may be carried out by the PSA Principal Engineer, in full or part dependent on the role and the place the project is in the engineering lifecycle:
- Represent the Product Security group at Design Reviews and other various engagements, to ensure that Product Security is appropriately considered at each stage of the design lifecycle.
- Holds NCSC CCP SIRA status (or able to achieve)
- Good understanding of information security principles and is able to advise on the potential impact to Product Systems.
- Experience of Product Security Engineering activities in the defence, maritime or closely linked domain.
- Knowledge of security related activities required to support the engineering lifecycle with experience of operating in the phase relevant to the role.
- Proven experience of assessing and managing information risk in line with industry good practice.
- Experience of assessing and advising on controls to support Product Safety.
- Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar).
- Supports and contributes to information security professional bodies and industry forums.
- Can demonstrate experience of mentoring and/or providing support to others.
- Can demonstrate continuous improvement, professional development and awareness of current industry good practice.
- Captured and agreed input to appropriate Verification and Qualification Plans.
- Specialist advice and contribution to other project documentation, such as Training Needs Analysis (TNA), Technical Publications, Cyber Incident Plans and Operating Instructions
- Provide advice on Product Security matters for programmes to a wide range of stakeholders which will include System Engineers, Engineering Managers and Technical Authorities as required.
- Gain sufficient understanding of a system, its concept of use and architectures in order to provide an accurate assessment of Product Security in terms of possible threats, potential avenues of attack and to advise on the application of secure development practices.
- Be able to select appropriate Product Security techniques which are consistent and repeatable for use across a programme.
- Understand and be able to provide relevant guidance on the threat environment for a programme.
- Ensure that Product Security analysis of a project, system or equipment, is delivered and is managed using recognised risk analysis techniques.
- Ensure that Product Security analysis work is fully documented
- Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness.
- Be able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost effective risk mitigation in the longer term.
- Present risks and proposed controls to internal and external stakeholders, to achieve agreement and buy-in.
- Provide regular updates on project status/progress in accordance with project specific reporting cycles.
Interested?..... click apply for full job details