Job Description
Secure by Design Consultant
Yeovil - 90% onsite (may be flexible)
Up to £86.11 per hour, OUTSIDE IR35
6 months initially
Active SC clearance and sole British citizenship required due to security restrictions
We are supporting a major defence aviation programme looking for an experienced Secure by Design/Cyber Security Consultant to join a long-term engineering delivery programme.
This role will support the delivery of cyber and information security activities across the engineering life cycle, helping ensure products and systems are secure by design and aligned to customer, MOD and regulatory requirements.
You will work closely with engineering teams, architects, security stakeholders and customers within a highly regulated defence environment.
Key responsibilities:
Deliver Secure by Design and cyber security activities across the engineering life cycle Conduct cyber security risk assessments and threat modelling activities Support development of security artefacts including RMADS, SyOPs, risk registers and security management documentation Participate in Security Working Groups and stakeholder engagements Support product security, system security and security architecture activities Work with engineering and programme teams to ensure security controls are appropriately implemented Support security assurance, verification and compliance activities Identify and manage security risks, issues and remediation activities
Key experience required:
Experience working within defence, aerospace, aviation or highly regulated environments Strong understanding of Secure by Design principles Experience with security risk assessments, threat modelling and security assurance Experience supporting security activities across the engineering life cycle Knowledge of MOD and industry security standards/frameworks such as NIST, JSPs, Def Stan or ISO27001 Experience working closely with technical engineering and delivery teams Strong stakeholder engagement and communication skills
Desirable:
Experience producing accreditation/security artefacts such as RMADS or SyOPs Product security or security architecture experience Experience within aviation or aerospace programmes CISSP, CISM, SABSA or similar certifications