Security by Design Consultant

• Support cyber and information security delivery across the engineering lifecycle
• Translate customer requirements into actionable security management plans and deliverables
• Conduct cyber and information security risk assessments and threat analysis
• Manage and escalate technical and delivery risks
• Support Security Working Groups and customer security workstreams
• Work closely with engineers, architects and developers to deliver secure-by-design solutions
• Deliver work packages to agreed time, cost and quality targets

• Experience in a similar Defence-related cyber security role
• Strong experience in secure software design and high integrity systems
• Knowledge of MOD Secure by Design processes (ISN2023/09)
• Experience with NIST SP 800-30, 37, 53 and supply chain risk management (NIST 800-161)
• Experience with Def Stan 05-138 / 05-139 and aviation security standards including RTCA DO-326A/B
• Proven experience in threat modelling, vulnerability analysis and security risk assessment
• Ability to work independently and communicate effectively with customers and stakeholders

Qualifications

• Degree in Cyber Security, Systems Engineering, Software Engineering or comparable experience
• Two recognised cyber security certifications such as CISSP, CISM, CASP/SecurityX or ChCSP

Desirable

• Knowledge of engineering lifecycle gate reviews
• Experience with Crypto technologies, COMSEC and MOD/NCSC standards
• Knowledge of ARP4754A / ARP4761

The successful candidate will either already have active SC clearance or will be able to secure this quickly as this is required before a start date can be confirmed.