Cyber Security Engineer

Description:

Cyber Security Engineer

At Northrop Grumman UK, our mission is to solve the most complex challenges by shaping the technology and solutions of tomorrow. We call it Defining Possible.

This mind-set goes beyond our customer solutions; it’s the foundation for your career development and the impact we have within the community. So, what’s your possible?

Opportunity:

This is more than just a job; it’s a mission.

As a Product Cyber Security (PCS) Specialist, you will be responsible for engineering lifecycle support, providing security subject matter expertise to platform delivery teams, and reviewing their functional activities. You will be instrumental in creating and automating specific cyber security artefacts of assurance. You will be reporting to the PCS Engineering Manager and acting as a linchpin in the PCS team. You will have the chance to work on utilising advanced technologies, particularly in automation, AI, and decision support, to enhance our product cyber security capabilities. You’ll be at the forefront of helping to make our products as secure as they possibly can be.

Our UK Defence business is a Sovereign software and systems centre of excellence. In addition to developing and supporting UK wide and internationally deployed multi-domain command and control systems, our work is critical to the modern backbone of the Royal Navy. We pioneer – with fierce curiosity, dedication, and innovation, we seek to solve the world’s most challenging problems.

Responsibilities:

• Growing the automation of product cyber security risk and vulnerability assessment outputs, including the use of Artificial Intelligence and other applicable approaches.
• Providing cyber security expertise throughout the project product systems engineering lifecycle.
• Accountable for the integrity of platform product cyber security risk management artefacts and delivering timely, proportionate advice to project product delivery teams.
• Planning Product Cyber Security activities and contributing towards the provision of task-hour estimates.
• Supporting project and security leadership in the proportionate delivery of product cyber security.
• Assisting leadership in implementing an efficient and cost-effective product cyber security delivery capability, including professional SQEP certifications.

Benefits:

We can offer you a range of flexible and hybrid working options to suit you, including optional compressed working schedule with every other Friday off. Our benefits including private health care, career development opportunities and performance bonuses. For a comprehensive list of benefits, speak to our recruitment team.

We are looking for:

• A strong background in cyber security and/or engineering capability, with a degree in Engineering, Computer Science, Cyber Security, or an equivalent technician qualification.
• A keen interest in cyber security for industrial control systems.
• Experience with cyber and engineering design data processing.
• Industrial Control Systems (ICS) awareness.
• Knowledge of NIST CSF.
• Threat modelling experience, including Mitre ATT&CK, DEF3ND, and EMB3D.
• Cyber Security Risk Management.
• Vulnerability / Patch / Update Management.

Desirable:

• Secure by Design to UK MOD standards, including DEFSTAN 05-139 and cyber security assessment DEFSTAN 05-138.
• Familiarity with ISA 62443.
• OT/ICS Certification and/or experience.