My Shortlist

Your shortlisted jobs will appear here. To view your shortlist: Login Or Register

Date Added: Fri 16/09/2022

Cyber Systems Engineer

London, UK
Apply Now


Job Type: Temporary

Salary: Negotiable

Application of system security engineering principles is required to provide realistic solutions designed to enhance the overall security posture of internal and customer systems, to include identifying threats, developing appropriate protection measures, reviewing security implications of system changes, recommending solutions and providing support for resolution of complex technical challenges.

Key responsibilities

  • Collaborate with engineering teams and other information security professionals to ensure strong and effective controls are in place to detect and mitigate risks across on-prem and cloud environments to meet business needs and regulatory requirements
  • Perform technical planning, system integration, verification and validation, balancing cost and risk, and supportability and effectiveness analysis across total systems
  • Work collaboratively on multiple concurrent projects, ensuring project and BAU activities remain compliant with ISO20000 & ISO27001
  • Perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives
  • Ensure the logical and systematic conversion of security requirements into systems solutions that best mitigate cyber risks within the acknowledged technical, schedule and cost constraints, including activities such as:
    • secure proxy engineering
    • firewall policy management
    • messaging security engineering
    • remote access engineering
    • intrusion prevention engineering
    • network access compliance engineering
    • public key technologies
    • Active Directory services
  • Analyse and provide recommendations for improvements to and enhancements of in-house and external platforms, systems and tools
  • Development of system design artefacts in accordance with established architecture frameworks
  • Support the global team in processing and mitigating cyber threat actor activity
  • Collaborate effectively with information security analysts to co-ordinate a multi-tiered approach to cyber threat mitigation to deny current and future adversary actions
  • Undertake analytical duties in a secondary role to include host- and network-based log analysis, correlation of network threat indicators and PCAP data, analytical triage, incident response and vulnerability scanning
  • Research and draft Cybersecurity white papers as required, presenting findings to both technical teams and management

Person Specification
Preferred Experience

  • In-depth understanding and substantial application of cyber security methodologies
  • Experience in consulting and or working in a complex Enterprise environment
  • A proven track record of designing and developing secure solutions that meet customer requirements
  • Experience performing risk assessments of both internally and externally hosted solutions
  • Experience with ISO20000, ISO 270001, GDPR, HMG Security Policy Framework, Cyber Essentials, MCSS, etc.
  • Experience with network architecture, OSI model, and networking protocols
  • Experience with network security and penetration testing
  • Experience in creating and deploying cloud infrastructure solutions
  • Knowledge of compliance regulations in UK, France, Germany, Italy, and other European standards
  • Knowledge of risk management industry principles, including use of a risk-based approach
  • Hands on validation of security control implementation
  • Institute security engineering concepts that , balance cost and risk, and supportability and effectiveness analysis across total systems
  • Work collaboratively on multiple concurrent projects with various program and technical stakeholders
  • Perform system security analysis activities including requirements analysis, gap analysis, and analysis of alternatives
  • Experience of conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with analysis and forensic tools used in a SOC or similar investigative environment
  • Penetration testing experience
  • Knowledge and/or experience in one or more of the following technologies: AD/DNS, Patch Management, PKI, HBSS, ACAS, VMware products, Splunk
  • Familiarity in the Risk Management Framework (RMF) Cybersecurity Lifecycle
  • Experience of UK and European Government working practices and proposals

Preferred Qualifications

Hold one or more of the following technical certifications (or equivalent):

o International Council on Systems Engineering (INCOSE)
o Certified Information Systems Security Professional (CISSP)
o GIAC Certified Enterprise Defender (GCED)
o GIAC Certified Incident Handler (GCIH)
o GIAC Certified Intrusion Analyst (GCIA)
o GIAC Certified Forensic Analyst (GCFA)
o GIAC Reverse Engineering Malware (GREM)
o Certified Forensic Computer Examiner (CFCE)
o OSCP Offensive Security Certified Professional
o CEH Certified Ethical Hacker

Competency/Skill requirements

Current and evolving familiarity with information security threats facing aerospace defence contractors or Government systems

  • Adept at two or more analysis and forensic tools used in a CSIRT or similar investigative environment
  • Able to exercise sound judgement when escalating issues
  • A creative thinker, particularly around remediation and countermeasures to challenging information security threats
  • Highly self-motivated and directed, able to effectively work autonomously and as part of a wider, virtual team
  • Excellent interpersonal skills, able to engage effectively with a wide range of stakeholders
  • Excellent PowerPoint skills, able to clearly present technical content to audiences of mixed technical backgrounds.
Apply Now