Cyber Essentials Security Specialist

Create, develop and maintain Cyber Essentials compliance obsolescence dashboards in line with Cyber Essentials & Cyber Essentials plus requirements, ensuring EIT enterprise managed networks (UK and International) to meet MoD DEFCON contractual requirements are met. Providing Cyber Essentials compliance systems /services gap analysis and evaluation via dashboard reporting, with limited guidance from the Line Manager, to ensure Cyber Essentials non-compliance are reported daily, weekly, monthly.

Creation and maintenance of Cyber Essentials compliance process documentation, drive innovation and improvement within IM&T's cybersecurity assurance service improvement program. To stay ahead of emerging threats and evolving compliance requirements by proactively managing own development including participating in on-the-job training and attending training programmes as appropriate.

Core Duties:

• Support in the planning and management of Cyber Essentials and Cyber Essentials plus certification across applicable EIT enterprise managed networks (UK and International) to meet MoD DEFCON contractual requirements
• Work autonomously and manage own workload and priorities based on demand from multiple different projects and initiatives across business Groups IM&T teams.
• Provide the verification that systems and processes meet the specified Cyber Essentials security requirements to verify on-going compliance requirements are in place and reported on
• Leveraging metrics and analytics to drive informed decision-making supporting risk mitigation and increased compliance strategies supporting Cyber Essentials and Cyber Essentials plus security requirements
• Collaborate with relevant departments to develop and implement action plans addressing identified, software and hardware obsolescence vulnerabilities, ensuring alignment with Cyber Essentials and Cyber Essentials plus requirements

• Educated to degree level (or equivalent) preferably in a related technical discipline
• Cyber Security experience and additionally Service management knowledge
• Good understanding of Cyber essentials & Cyber essentials Plus requirements
• Analytical background with the ability to analyse and interpret large and complex data sets and articulate observations, conclusions, and recommendations in line with Cyber Essentials requirements
• Capable of a very high standard of written communication including experience of writing complex Excel and Tableau report automation
• Understands and can provide qualitative and quantitative data sets mapping out risks

The IM&T team:

Working within IM&T EIT across BAE Systems Marine, Some knowledge of industry recognised Cyber Security Standards and best practice including HMG / Government Sector. (UK and International) to meet MoD DEFCON contractual requirements and the importance of Licence to trade. As a 3rd party defence contractor Cyber Essentials Plus accreditation is vital BAE achieve this accreditation. Working across large enterprise estates, will be challenging but rewarding to ensure CE compliance is met.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.