Product Security Engineer in Christchurch, Dorset

ARM are recruiting for a Product Security Engineer for a Contract or Permanent opportunity with a market leading Defence Client offering a Hybrid working model from Dorset.

As a Product Security Engineer, you will be working on key defence project and be responsible for:
* Interpreting security guidance from external sources such as JSP440/604, Federated Mission Network standards, NCSC and NIST.
* Performing security risk assessments using recognised methodologies to identify and prioritise cyber security and cyber resilience risks and identifying appropriate controls and mitigations to manage those risks.
* Support to achieve security accreditation, including assessing the impact to security of all proposed changes.
* Scoping and managing testing by external penetration test companies and ensuring remediation activity is performed to completion.
* Supporting security within the supply chain, including meeting the requirements of the Defence Cyber Protection Partnership plus our own company initiatives.
* Producing security documentation such as RMADS and SyOPs

Skills required:

Essential
* Experience of cyber security engineering delivery and accreditation within the Defence domain, including identifying cyber security risks using a recognised methodology and the commensurate controls and mitigations required to manage those risks
* Ability to interact at a technical level with systems, software and hardware engineers and to articulate security advice directly to key stakeholders within both the business and the customer community.
* Degree qualified in Information/Cyber Security, IT, Engineering, Mathematics, or Science, or alternatively equivalent qualifications and/or experience

Desirable
* Knowledge and experience in HMG IAS1&2 or similar security risk assessment methodology, JSP440/JSP604/JSP490, NCSC guidance, NIST, ISO 27001 and industry-standard security frameworks.
* Experience of electronic and physical security measures, including Tempest
* Defence, systems or software engineering background. CCP, CISSP, CISM or similar, GCHQ Certified Degree, ex-CLAS

Due to the nature of the sector, you will need to hold current and active UK Security Clearance or at least be eligible to gain it.

If you are interested in the role; please submit your application to Jason Parish via this vacancy.

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.