This job has expired

Cyber Security Supplier Assurance Specialist

Employer
Peregrine
Location
Preston or Farnborough
Salary
£50,000 to £90,000 negotiable depending on experience
Closing date
10 Aug 2022

Clearance Level
SC
Sector
Aerospace, Cyber Security, Defence
Job Type
Permanent

The role holder:

Will assist FCAS stakeholders associated with management of the supply chain in the understanding of Cyber related risks, controls, ownership and accountability. This will include assisting in the development of supplier risk assessments and analysis of supplier Cyber security compliance to BAE Systems’ policies, standards and procedures, customer requirements and Air’s Cyber risk management and supplier governance processes.

They will contribute to an effective Cyber Security culture in support of business objectives, monitoring and engaging with the project teams, partners, suppliers and the customer on relevant standards and frameworks, and promoting awareness of information security policies, standards, procedures and methods.

They will initiate and influence relationships with and between key stakeholders, supporting the development of processes to manage and monitor Cyber security threats and risks throughout the supply chain in accordance with programme Cyber security risk appetite, reporting threats and recommending risk mitigation to stakeholders.

They will contribute to Supplier Management Cyber Security strategies to achieve business information security risk appetite and monitor progress.

Core Duties

The post holder will act as the Cyber Security Subject Matter Expert (SME) for the FCAS Supplier Management team and be the focal point and main point of contact on all Cyber Security issues associated with FCAS suppliers. This will include:

  • Communicating and promoting understanding of risks, controls, ownership and accountability throughout the FCAS Programmes stakeholders associated with management of the supply chain, ensuring Cyber Security and Cyber Resilience is an integral part of supplier management activities
  • Assessment and evaluation of suppliers' capabilities against applicable Cyber Security requirements, including BAE Systems’ policies, standards and procedures and customer requirements.
  • Advising/guiding project teams and functions on the application and management of all appropriate Supplier Management Cyber Security controls and standards. This includes working with project teams to take a ‘ground up’ approach to managing Cyber risk within the supply chain, advising on the correct approach and the necessary actions that will be required (including orchestrating input from other required SMEs and functions).
  • Liaising with the corporate teams with responsibilities for IT/Cyber Security within the supply chain (such as the Office of the Chief Information Officer (OCIO) and Commercial/Procurement) and engaging local stakeholders in any required corporate activities.
  • Supporting audits of Supplier Cyber Security and associated functional processes, including monitoring the closure of any actions raised.
  • Contributing to an effective Cyber Security culture in support of business objectives. Establishing and maintaining relationships across FCAS stakeholders by monitoring and engaging with the project teams, partners, and the customer on relevant standards and frameworks.
  • Working with the Head of Cyber Programmes and Projects - Air to ensure alignment to Corporate Information Security activities.

Competencies

  • A good understanding of supplier management covering procurement, legal and commercial activities. A good understanding of Cyber controls within the supply chain. Experience in the assurance / assessment of and implementation of Supplier Cyber Security standards (such as BAE Systems or other corporate Security Standards, NIST, and DEFSTAN). Other assurance or audit role experience will also be considered.

An understanding of emerging Cyber Security requirements and Cyber threats. Demonstrated ability to appropriately identify and manage cyber risks associated with the supply chain, in line with the business’s risk/cost appetite. Skills in understanding and interpreting external documentation, such as contractual clauses and standards. Professional Cyber and Supplier Management related qualifications desirable. Ideally 2 - 3 years in a Cyber or IT Security related role.

Behaviours

  • The ability to think through broad, complex issues and to identify and summarise salient factors.
  • The ability to identify alternative courses of action, assess their merits and produce robust risk mitigation plans.
  • Excellent interpersonal skills and a high level of integrity and discretion to manage potentially sensitive incidents and investigations with internal and external stakeholders. Highly motivated and self-disciplined, with the ability to work autonomously. Strong communication skills with the ability to communicate complex subjects to a variety of audiences, pulling out key issues and decision points.
