The primary purpose of the Cybersecurity Operation Lead (COL) is to work with the UWS Head of Engineering Operations to develop and optimise enhance all non-IS and ‘product’ related development environments on which UWS solutions are developed and to manage the cyber posture of our deployed solutions within our customers operational environment as part of In-Services support phase.
Location(s): Templecombe or Bristol or Cheadle or Crawley
Responsibilities
* Management of the cyber posture of Business Managed Networks (BMNs), test benches & cloud platforms, to ensure the ongoing compliance with Thales Group Policy, Cybersecurity instructions, as well as UK national cyber regulations and customer contractual obligations.
* Define and manage the approach to supporting cyber changes to in-service products.
* Ensure that all necessary resources (human, technical, financial, etc.) are quantified and captured to comply with cybersecurity requirements, rules, and regulations for BMNs, test benches, cloud platforms during the bid phase to ensure adequate cybersecurity provision.
* Endorse the assignment of cyber resource for Project Security Officer (PSO) roles to deliver appropriate assurance of the project development environment in accordance with contractual obligations and the UK Corporate ISMS.
* Coach, mentor and provide advice to allocated PSO resource in the interpretation of contractual obligations, cyber security policy and UK Corporate ISMS.
* Review, approve and monitor implementation of project security management plans in accordance with the UK Corporate ISMS; identify opportunities to mutualise, establish consistencies and achieve efficiencies.
* Ensure BMNs approval for operation and interconnections are authorised in accordance with the UK Corporate Security BMN process in collaboration with the UK Corporate Security function and UK Chief Information Security Officer (CISO).
* Monitor, audit and report on BMNs operation and maintenance activities to business stakeholder to determine alignment with the risk tolerance of the organization.
* Define and ensure capabilities (tools, processes and roles) are in place for in-service support phase for solutions, projects and services.
* In coordination with legal and contracts teams, analysis cybersecurity specific contractual clauses, Security Aspect Letters, DEFCON’s and DEF STAN’s to quantify and capture Thales’ obligations.
* Support the procurement teams to evaluate supplier’s cybersecurity maturity and ability to meet customer’s contractual obligations.
* Define the UWS UK business incident management process in coordination with the UWS CyDA/CyAM.
* Participate in resolution of cyber security incidents and crisis related to deployed solution, BMN’s and supplier’s including reporting in accordance with contractual obligations.
* Define and ensure secure disposal of solutions, BMNs and customer data in accordance with contractual obligations.
* In cooperation with the UWS CyDA conduct a Cyber security maturity assessment of UWS UK on an annual basis.
* Analysis results and provide cyber input into the Engineering Performance Plan (EPP) to support MYB process.
* Take ownership and manage delivery of EPP and Cyber objectives, report progress and outcomes.
* Developing the Cyber Security Management System (CSMS), associated RACI and cyber skills enhancements required across the UWS UK business.
* Act as part of a wider Engineering Operations team, focused on ensuring that the engineering management team are able to operate as efficiently as possible.
Qualifications
* Degree in Engineering, Computer Science or any other related field in university [preferably with a speciality in Cryptology, Control systems or Cybersecurity]
Required Skills
* Knowledge of relevant information security standards, e.g. UN-R155, UN-R156, ISO 21434, ISO 27001 and ISO 27005
* Knowledge of Chorus 2.0 processes (or similar BMS/QMS) and the regulatory framework that Thales operates within
* Familiar with data analysis, data processing and IT and cyber security
* Leadership and team management: lead by example, inspire, motivate and engage teams, provide direction, support and develop individuals, delegate responsibilities, encourage collaboration
* Problem evaluation: problem characterisation, problem structuring, analysing information, documenting evidence, interpreting data, presenting solutions
* Driving success: taking action, seizing opportunities, pursuing goals, motivating others, building teams
* Building collaboration: persuading and negotiating with own perspective, listening and engaging to other perspectives, working towards creating shared objectives and actions
* Building network: identifying and meeting stakeholders, building relationships, establishing rapport, maintaining relationships, understanding people, valuing individuals
* Communication: influencing people, articulating/translating information, creating and delivering communication plans
Preferred Skills
* Knowledge of Thales business structures and processes. How UWS operates and how we use toolsets to promote efficiency (incl. Thales and UWS internal processes, i.e. S&OP (Supply & Operational Planning))
* Project management approaches, tools and techniques. You can adopt those most appropriate for the environment
Security Clearance Statement
Due to the nature of the work that we do at Thales, many of our roles are subject to security restrictions. This role requires you to be a UK National and achieve Security Clearance (SC) without any caveats. It would be advantageous if currently held, however, if not currently held, it is a requirement that the successful applicant undergo, achieve, and maintain SC Clearance prior to commencing employment. If approved by the MOD, a dual national from a Non-ITAR country may be considered. Please visit the UKSV website for further guidance.
To be eligible for full SC, you generally need to have resided in the UK for the last 5 years. In some circumstances, a minimum of 3 years’ residence in the UK over the last 5 years may be accepted, with additional overseas checks.
#J-18808-Ljbffr