Cyber Security Risk Consultant
Join us as a Cyber Security Risk Consultant with BAE Systems (Remote/Warton, Preston/Full–time, Permanent) About Capita At Capita, we support clients across a range of sectors, including local Government, central Government, education, transport, health, life and pensions, insurance, and other private sector organizations. We support with expertise applied by the talent across our business in combination with technology, insight, and analytics to keep our clients ahead of change, sharper than competitors and more efficient than ever – and we always need new talent to help us achieve our goals. About BAE Systems BAE Systems is one of the world's leading global defence, security, and aerospace companies. We work at the cutting edge of technology, creating more than 100 new inventions every year for customers in over 100 countries. If you'd like to make a real difference where it counts, BAE Systems is the place for you. From keeping soldiers, sailors, and pilots safe to helping countries prosper, from developing the next generation of supersonic aircraft to investing in the next generation of super–smart talent – at BAE Systems, we work together to give our customers an essential edge in protecting the things that really matter. Lives, livelihoods, ways of life. Join us and you'll be encouraged and rewarded to excel in this important work. Apply your talent where it counts. Role of the Cyber Security Risk Consultant As the Cyber Security Risk Consultant, you will be supporting the Head of Cyber and Information Security by building relationships with key stakeholders. You will also oversee the safeguarding of information through supporting business change by building relationships with and between senior strategists, planners, designers and operational business partners. This role will provide you with the opportunity to gain relevant external training within Cyber security. You will be also expose to the wider business and offered support for career development. This is a brilliant opportunity for someone who is ready to take the next step in their career! Role Requirements Working with the Head of Cyber and Information Security (Air), provide SME knowledge to the businesses and functions, on cyber security risk, ensuring alignment (where applicable) to Corporate Information Security activities and policies. Being responsible for the development of the Air Sector Information Risk profile and helping the business develop Risk tolerances and appetites for critical systems and process.; developing risk reporting. Being accountable as the Risk custodian for Cyber Security. Aid in the development, deployment and communication of the cyber–Security Risk mitigation strategies throughout Air – develop the three lines of defence methodology Enabling the business. Understanding the needs of the business, functions and projects, to inform the Cyber Security risk strategy, policy and processes to ensure the safeguarding of business information and assets in accordance with business risk appetite/tolerances. Supporting the new Risk and Assurance Group (RAG) across air, developing management reporting, risk reporting and security reporting in support of this Establishing and maintaining relationships with senior business leaders and key stakeholders within Air and across other BAE SYSTEMS sectors Acting as a Risk and Control SME for the business and functions and ensuring management understanding of risks, controls, ownership and accountability Providing the Air Sector input into Corporate Insider Threat risk assessments and the review of the effectiveness of risk mitigation strategies Ensuring that the Air Cyber risks are included in the overall corporate risk framework and that this reflects the priority of the risk landscape Supporting Cyber security investigations as required Expected Skills/Qualifications: Knowledge of external Information Security Standards, such as ISO 27001, NIST 800 etc Understanding of cyber security risk management. Established experience of operating at a senior level across a large, complex organisations. Proven experience in a Cyber Security and / or personnel security role supporting projects / businesses. In–depth knowledge of risk and effective risk mitigations strategic and techniques Broad experience in risk management and the application of risk management methodologies Experience in conducting objective assurance reviews Please note, successful candidates will be expected to go through vetting and Security Clearance. We look forward to hearing from you and wish you the very best of luck with your application.