Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Boeing Defence UK (BDUK) is a subsidiary of the Boeing Company and currently employs over 1,200 people in the UK.  BDUK is currently responsible for delivering support to a variety of Logistics Applications via the Support Chain Information Services (SCIS) contract.  As part of the delivery of this contract the Information Assurance team provides assurance support to the MOD which encapsulates supporting a number of applications to the standards required by both Boeing and the SCIS contract.

An exciting opportunity has become available to join the BDUK Information Assurance Team as an Information Assurance Practitioner.

Role:

The Information Assurance Practitioner maintains the deployment of programme Information Security and Assurance for assigned systems to meet the programme and enterprise requirements, policies, standards, guidelines and procedures.

Performs Information Assurance and Security compliance through continuous monitoring. Performs and participates in Information Assurance and Security assessments and audits. Prepares, reviews, and presents technical reports and briefings. Identifies and contributes to the identification of root causes, prioritizes threats and recommends/ implements corrective action. Demonstrates technical knowledge and methods regarding information security best practices. Supports and explores enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations. Acts as a BDUK point of contact at the MOD GOSCC at Corsham.

This position allows telecommuting with a mix of onsite and remote working available. However, the selected candidate will be required to spend some time onsite, including within the GOSCC at Corsham.

The successful candidate will need to have had recent practical experience in a high tempo working environment and be motivated to join an established Information Assurance team in the UK

BDUK Information Assurance professionals are expected to work closely with their Information Assurance and Security counterparts to deliver an integrated and focused security effect, knowledge of Information Assurance and MOD Security policies such as JSP440 and JSP604 is preferred.

Role Activities:

  • Coordination of Information Assurance and Security activities across the SCIS Programme, including Regular interaction with customer Information Assurance and Security representatives.

  • Preparing regular updates on progress against Information Assurance and Security deliverables and input to Information Assurance and Security bid proposals for the SCIS Programme.

  • Identify, analyse and disseminate threat based information as well as provide ad hoc Information Assurance and Security advice and support to the SCIS Programme.

  • Contribute to the identification of Information Assurance and Security risks within complex information systems, and implementation of effective and risk balanced Information Assurance and Security measures.

  • Apply an ISO27001 framework, contribute to identification of risk through a technical risk assessment and a number of audits based on a pre-defined scope

  • Provide Information Assurance and Security documentation and evidence to meet HMG (MOD) security accreditation requirements.

  • Liaison with customers, accreditors and technical authorities, including attendance at Security Working Groups.

  • Contribute to Information Assurance and Security analysis of operational environments, threats, vulnerabilities and internal interfaces to define and assess compliance to accepted industry and government standards

  • Support the development of information governance and risk management structures and processes.

  • Contribute to development of business and user focused security policies, procedures, processes and operational guidance for the compliant delivery of customer information security requirements.

  • Maintaining knowledge of technology development (both hardware and software), threat actors, tools and techniques and the risk implications for information security.

Typical Qualifications/Education:

  • Relevant industry security certifications would be advantageous (e.g. CCP (Ex-CLAS), CISSP, CISM).

Preferred Experience:

  • The ideal person will either have a background in Information Assurance, or have knowledge and understanding of MOD and Government information security policy, standards and guidance.

  • Knowledge of assuring IT systems in a secure government environment (MOD) would be advantageous

  • Understanding of systems and security verification, validation, testing and evaluation approaches, including HMG Information Assurance schemes and processes.

  • Experience in generation of information security Risk Assessments, Risk Treatment Plans and Risk Management and Accreditation Documents in accordance with ISO27001

  • Experience in the specification and development of effective and balanced information assurance solutions or approaches, including the ability to analyse the security aspects of business risks

  • Pragmatic approach to the recommendation of security controls.

  • Ability to plan, prioritise and manage own workload with limited day-to-day supervision, but know when to seek assistance/escalate.

Desirable knowledge and skills:

  • Experience of working within a multinational matrix management environment/ structure and a large-scale, complex international organization, but also within small teams, would be highly advantageous.

  • Experience of working with and accrediting MOD Applications for deployment onto the Defence Network, including knowledge of various MOD publications such as JSP440, JSP604 etc. and tools such as DART.

  • Experience of participating in developing security solutions in response to customer requirements.

  • Understanding of data protection controls and practices, and awareness of wider regulations such as ITAR.

Other information:

  • Eligibility and willingness to undergo SC clearance is required, as well as eligibility to undergo higher levels of UK security clearance

All information provided will be checked and may be verified.

Important information regarding this requisition: This position does not have sponsorship approval. This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants. Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.

PLEASE NOTE: The successful candidate will be expected to undergo a SECURITY CHECK/CLEARANCE

Apply For This Job

You can apply for this job externally via the button below.

Apply for this job externally