Unspecified
Job Title: Cyber Engineer
Function: Digital Technology - Cyber
Location: Harlow (Essex) or Glenrothes (Scotland) with Hybrid with a minimum of two days a week on site.
Clearance Required: SC eligibility (UK Eyes only)
Duration: Permanent
Hours: 37 hours per week
Raytheon UK
At Raytheon UK, we take immense pride in being a leader in defence and aerospace technology. As an employer, we are dedicated to fuelling innovation, nurturing talent, and fostering a culture of excellence.
Joining our team means being part of an organisation that shapes the future of national security whilst investing in your growth and personal development. We provide a collaborative environment, abundant opportunities for professional development, and a profound sense of purpose in what we do. Together, we are not just advancing technology; we're building a community committed to safeguarding a safer and more connected world.
About the role:
This is an integral role in our Cyber Team, reporting to the Cyber Operations Manager; working closely with analysts, network specialists and information assurance staff to help protect the organisation and colleagues from cyber-attack.
The Cyber Engineer will be responsible for supporting the development of the security architecture and systems within the DT function, as well as maintaining and improving the security monitoring and analysis tools.
As a Cyber subject matter expert, you will also be responsible for the maintaining and recommending new tools, as well as updating the systems. You will be a key player across technology groups interfacing with Network, Data Centres and our internal Design Authority with a remit of driving cyber best practises in our operation. You will be required to work with our Governance, Risk & Compliance (GRC) team in order to implement controls as new frameworks come online.
Responsibility also covers the daily maintenance and support of applications and related hardware associated with our solutions for Vulnerability Management (VM) and other security processes, and supporting your fellow Cyber Engineer in maintenance and tuning of SIEM tooling. You will be expected to deliver upgrades and manage configuration of technology that underpins Cyber Operations, this will include working with and management of external vendors and service partners. You will also be a subject matter expert for these tools.
Skills and Experience
1. You’ll be a self-starter with the ability to prioritise your own workload.
2. You’ll have a deep interest in Cyber Security and be passionate about promoting and developing cyber security initiatives.
3. You’ll have the ability to obtain and maintain UK SC clearance.
4. You’ll have a solid understanding of network and IT system fundamentals.
5. You’ll have experience in SIEM and Vulnerability Management tooling and best practice.
6. You’ll be able to communicate effectively with a variety of stakeholders and with varying levels of technical depth.
7. You’ll be passionate about providing a great service to internal or external customers.
Desirable
8. Experience with a wide array of cyber security tools (SIEM, Vulnerability and Compliance Management, EDR, Data Classification tooling).
9. Experience of working in defence and/or other regulated industries such as financial services or telecommunications.
10. Previous experience managing vulnerability remediation projects and tools
11. Experience conducting risk-based security assessments using industry standard methodologies and frameworks.
12. An understanding of designing and implementing secure systems to HMG security requirements.
13. Knowledge of cyber security best practises and frameworks such as GPG13, NIST 800-53, NIST 800-171, ISO27001.
14. Information Security related certifications such as Security+, CISSP, CISM, GSEC, SSCP
15. Understanding and previous experience designing and embedding security processes.
Responsibilities
16. Vulnerability Management lifecycle, supporting CE+ and other accreditations
17. Implementation of new capability and rulesets in a changing Defence environment
18. Remain briefed on incoming threat intelligence and prepare materials for wider business consumption at various seniority levels
19. Security policy enforcement
20. Point of escalation for Incident Response
21. Planning, preparing and implementing technology change
22. Represent Cyber interests on the Change Advisory Board and industry wide events
23. Identification and remediation of faults across current security tooling, including improvements and suggestions for additions or replacements
24. Report on availability, capacity, faults, risks and other security metrics
#LI-MF1