Cybersecurity Certification Consultant (Contract)
Location: Remote with monthly on-site visits in Derby
Rate: £650 per day (Outside IR35)
Contract Length: Running until end of January (with extension potential)
Clearance Requirement: Active SC clearance is essential
Overview:
We are seeking an experienced Cybersecurity Certification Consultant to support the development of security documentation in line with AMC 20-42, ED-202A, and ED-203A standards. This role focuses on defining and delivering certification-specific artefacts for aviation systems within a highly regulated environment.
Key Responsibilities:
* Author and refine certification documentation in alignment with AMC 20-42, ED-202A, and ED-203A, specifically the following:
o System Security Architecture and Measures (SSAM)
o Preliminary System Security Risk Assessment - Security Case Report (PSSRA SCR)
o Plan for Security Aspects of Certification (PSecAC)
o System Security Scope Definition (SSSD)
* Identify and document the Security Perimeter
* Document system overview, covering all interfaces and trust boundaries in scope of the Security Environment
* Identify Failure Conditions through existing Safety Analysis
* Identify Threat Conditions through cyber security assessment based on identified Failure Conditions
* Identify and document Threat Scenarios
* Perform an asset-based Risk Assessment, including identifying Access Vectors
* Complete Common Criteria Applicability and Traceability mapping
Requirements
Required Experience:
* Active Security Clearance (SC) is mandatory.
* Proven experience with ED-202A and ED-203A standards in an aerospace or highly regulated environment.
* Strong understanding of AMC 20-42 guidance and certification expectations.
* Demonstrated experience delivering security documentation and certification artefacts.
* Knowledge and experience of the Unified Modelling Language.
* Background in systems engineering, cybersecurity V&V, and risk assessment.
* Familiarity with refutation-based analysis techniques is a plus.
Working Conditions:
* Remote-first working arrangement.
* Expected travel: 1 day per month on-site in Derby.
* Start: January