SonicJobs Logo
Left arrow iconBack to search
  1. Home
  2. Camberley, Surrey
  3. Ict security engineer
  4. Principal Engineer - Product Security (Psec Architect)

Principal Engineer - Product Security (Psec Architect)

Morson Talent
Posted a day ago, valid for a month
Location

Camberley, Surrey GU16 7EX, England

Salary

ÂŁ63.21 - ÂŁ83.41 per hour

Contract type

Full Time

In order to submit this application, a TotalJobs account will be created for you. As such, in addition to applying for this job, you will be signed up to all TotalJobs’ services as part of the process. By submitting this application, you agree to TotalJobs’ Terms and Conditions and acknowledge that your personal data will be transferred to TotalJobs and processed by them in accordance with their Privacy Policy.

Sonic Summary

info
  • The position is for a Product Security – Principal Engineer/Architect based in Frimley, Portsmouth, or Filton, offering an average of 2 to 3 days per week in the office on a 12-month contract with a temp-to-perm opportunity.
  • The role pays ÂŁ83.41 per hour, inside IR35 (umbrella), and requires active SC clearance due to 'UK eyes only' restrictions.
  • Candidates should have experience in Product Security Engineering activities, particularly in critical national infrastructure (CNI) domains such as defense and maritime.
  • A degree in a relevant STEM subject or Information Security, along with relevant cybersecurity qualifications like CISSP, is required.
  • The role involves advising on security matters, assessing risks, and influencing system design to ensure security is integrated throughout the product lifecycle.

Product Security – Principal Engineer / Architect


- Frimley, Portsmouth or Filton – average 2 or 3 days per week in the office
- 12 month contract with temp to perm opportunity
- ÂŁ83.41 per hour, inside IR35 (umbrella)
- Please note this role requires active SC clearance and is subject to “UK eyes only restrictions”

Role Description

The Security Architect / Principal Engineer will be a focal point for security and information risk matters within the Product Security Engineering (PSyE) team and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are designed, built and delivered with security in mind. They will be able to support the appropriate authorities/management to ensure the delivered solutions meet the specified contractual and regulatory requirements and can be operated securely, correctly and safely. They will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance.

The Security Architect Principal Engineer will have a good understanding of the systems and technologies used on board the product. They will also have knowledge of the applicable regulations, standards, policies and guidance on cyber security and PSyE to be able to check compliance by the delivery programmes and their through-life support. They will be able to speak knowledgably and credibly with customer, user and internal stakeholders to explain the causes of information risks, their likelihood and potential operational and business impacts. They will be able to document and present risk management options to the business and participate in discussions.

The Security Architect Principal Engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies.

Core Duties
The following activities are typical of the work that may be carried out by the Security Architect principal engineer, in full or part dependent on the role and the place the project is in the engineering lifecycle:

- Provide advice on Product Security matters for programmes to a wide range of stakeholders which will include; System Engineers, Engineering Managers and Technical Authorities as required.
- Understands the business and customers operating environments and any associated risks associated with the Product.
- Gain sufficient understanding of a system, its concept of use and architectures in order to provide an accurate assessment of Product Security in terms of possible threats, potential avenues of attack and to advice on the application of secure development practices.
- Be able to recommend and propose suitable system architectures or controls to mitigate risks in line with government and MOD policies and good practice.
- Understand and be able to provide relevant guidance on the threat environment for a programme.
- Ensure that Product Security analysis work is fully documented, enabling the management of risk throughout the product lifecycle.
- Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness.
- Influencing system engineers to design and build systems with security by default (culture).
- Be able to plan and manage work concurrently across multiple security work programmes.
- Provide regular updates on project status/progress in accordance with project specific reporting cycles.
- Represent the Product Security group at Design Reviews and other various engagements, to ensure that Product Security is appropriately considered at each stage of the design lifecycle.
- Undertake peer reviews as directed.
- Provide technical guidance and supervision to other Product Security engineers and support the management and planning of specialist activities.
- Provide technical guidance and support in relation to product incident management.
- Assist with or recommends secure configurations of product systems to ensure compliance with the intended architectures

The Security Architect principal engineer will be responsible for, or provide input to the following typical key deliverables, dependent on the role and the place the project is in the engineering lifecycle:
- Lockdown guidance and reports
- Security architecture definition and requirements
- Reports documenting the results of security analysis
- Technical input and appropriate consideration of product security activities and issues for LCM deliverables and Design Reviews, including Sub-Contract Design Reviews
- Captured and agreed input to appropriate Verification Cross-Reference Index (VCRI), Integration, Test, Evaluation and Acceptance Plans (ITEAP) and Qualification Plans.
- Secure System Architectures and verification documentation.

Knowledge, Skills and Qualifications

Knowledge:
- Good understanding of information security principles and is able to advise on the potential impact to Product Systems.
- Experience of Product Security Engineering activities in CNI domains (such as defence, maritime, utilities, nuclear).
- Knowledge and experience of security related activities required to design, build and maintain a secure product in line with recognised secure architectural frameworks.
- Proven experience of identifying and recommending suitable risk treatment to address product security vulnerabilities.
- Experience of assessing and advising on controls to support Product Safety.
- Proven experience of applying secure configurations/cyber resilience to applicable technologies within the environment and during system development.
- Supports and contributes to information security professional bodies and industry forums.

Skills:
- Can demonstrate continuous improvement, professional development and awareness of current industry good practice.
- Key technical skills and associated proficiency levels (covering all grades) are captured on a separate form: F HR 035.

Qualifications:
- Degree (or equivalent experience) in a relevant STEM subject or Information Security related.
- Holds and maintains relevant cyber security qualifications (e.g. CISSP, former NCSC CCP working towards Chartered/Principal Cyber Security Professional)

Apply now in a few quick clicks

In order to submit this application, a TotalJobs account will be created for you. As such, in addition to applying for this job, you will be signed up to all TotalJobs’ services as part of the process. By submitting this application, you agree to TotalJobs’ Terms and Conditions and acknowledge that your personal data will be transferred to TotalJobs and processed by them in accordance with their Privacy Policy.
Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2024 SonicJobs App Ltd. All rights reserved

Terms & Conditions | Privacy Policy | AI Agent | Browse Jobs