This job has expired

Governance, Risk & Compliance Lead

Employer: BAE Systems Digital Intelligence
Location: Guildford, London
Salary: Competitive
Closing date: 24 Aug 2022

Job Details

BAE Systems Digital Intelligence

Role Profile

1. Role Details

Job Role: Security Governance Risk and Compliance (GRC) Lead

Reports To (job role): Head of Security Policy, Risk & Audit

Business Unit/Capabilities/Function: Legal Counsel

Sub Group/Practice: Security Team

Grade: F05

Date Created: July 2022

2. Role Purpose (recommended 1 paragraph)

The Security Governance Risk and Compliance (GRC) Lead is responsible, on behalf of the Chief Security Officer, for the management of global Security Governance Risk and Compliance (GRC) across Digital Intelligence, ensuring that Group Cyber Security Control Standards (CSCS) are effectively implemented across all Company networks and systems in accordance with the authorized risk appetite. The role requires liaison and coordination with a wide range of stakeholders and management. The role holder will be prepared to take a robust view of compliance and be able to represent the consequences of GRC failures to management through the CSO and Legal Counsel.

3. Core Duties / Key Accountabilities (recommended 10-12 points)
  • Management and maintenance of DI Company security GRC standards, policies and procedures.
  • Management and maintenance of a Master List of CSCS controls (based on NIST 800-53), including control family and control owners, the current and planned status of controls, control deficiencies and remediation plans, in order to provide an overall view of DI compliance with the CSCS. The work will link with and inform the Archer Integrated Risk Management (IRM) tool for GRC, Risk and Incidents, together with the DI Risk Committee Database for DI risks.
  • Liaison and coordination with a wide range of stakeholders across Group and DI, including Security, IT, Engineering, BUs, Privacy, Risk Assurance, Legal and regional security reps, together with 3rd party suppliers, including EITS, for tracking the remediation of controls, including: implementation, plans, deficiencies and related risks.
  • Coordination with DI Risk Assurance and Group CIO for 3rd line security audits and their remediation programmes.
  • Management of Archer IRM GRC requirements.
  • Providing support to the Chief Security Officer as required.

Budget Holder Responsibility (if applicable):

No

Vendor Management Responsibility (if applicable):

No

Direct Reports (if applicable):

No

Accountable for overall headcount of (if applicable):

N/A

4. Functional Knowledge (Requirements for knowledge of functional work and activities, the technical expertise)

An understanding of the fundamentals of:

  • Information security.
  • Governance, Risk and Compliance (GRC) experience.


Qualifications:

  • A security-related first degree.
  • Ability to obtain a National Security Clearance (SC).

Desirable Qualifications:

  • ISO27001 Lead Auditor or ISO27001 practitioner.
  • Professional qualification such as CITP, CISM.


5. Business Expertise (Requirements of the role for knowledge and expertise about the business, rather than the technical expertise)

Understanding key client roles and relationships.

6. Leadership (Requirements of the role for providing leadership and guidance to others, complexity of team(s) managed)

BAE Systems Digital Intelligence employees in providing security expertise and guidance.

7. Problem Solving (Breadth of mental skills required in order to perform the role)
  • Developing policies and procedures to ensure personnel, infrastructure, information, and assets are secure;
  • Ability to identify and capture business related security risks.


8. Nature of Impact (Impact on business by detailing the overall responsibility associated with the role)

Ensuring that DI staff maintain compliance with Company standards and policy and customer contracts.

9. Area of Impact (Business area impacted Delivery/Functional)
  • Personnel, infrastructure, information, and assets;
  • Security for the business.


10. Interpersonal Skills (Type of people skills required to perform the job, internal/external)
  • Excellent written and oral skills;
  • Good time management and organisational skills;
  • Ability to communicate effectively across a variety of internal and external stakeholders;
  • Must be able to work on own initiative with minimum supervision;
  • Where appropriate, provide advice and guidance on security matters to client projects and business stakeholders.

Life at BAE Systems Digital Intelligence

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

About BAE Systems Digital Intelligence

BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Launched in 2022, Digital Intelligence is part of BAE Systems, and has a rich heritage in helping to defend nations and businesses around the world from advanced threats.

Division overview: Functions

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and the business could not operate without all the dedicated work of our Functions teams. From Finance & Operations through Communications & Marketing, to HR and Site Operations and more, our Functions teams enable our divisions to implement ground-breaking digital transformations and crucial defence software.

As part of Functions, you will be supporting and partnering with our global business from the backline, being a strategic advisor within your specialist area, and ensuring the business runs smoothly and efficiently. We all have a role to play in defending our clients; and this is yours.
