Principal Cyber Security Consultant

Working Pattern: Full time, Part time, Job Share, Flexible Working

At Defence Equipment & Support (DE&S), we supply and maintain vital equipment and services for the Royal Navy, British Army and Royal Air Force. Together, we deliver a vast range of essential defence programmes, and strive for what's next. Because it helps keep our military at the top of their game and our nation safe - for today, and tomorrow.

We offer 25+ days' holiday, flexible and hybrid working, enhanced parental leave schemes, shopping discounts, and an exceptional employer pension contribution of around 27%, to help work, work for you.

Nationality, visas and vetting: For security reasons this role is open to sole UK nationals only. A ‘sole UK national' refers to an individual who holds citizenship solely in the UK, without dual citizenship or nationality from another country. We're unable to offer visa sponsorship.

This role requires you to have lived in the UK for the last 5 years and obtain Security Clearance.

Clearance must be obtained without any caveats that prevent you from carrying out the role you have been recruited for. If it isn't obtained, or is obtained but with caveats that prevent you from carrying out the role, any conditional offer made to you will be withdrawn. Obtaining SC security clearance can be a lengthy process, and we reserve the right to withdraw any conditional offer made if the necessary security clearance isn't obtained within 12 months.

Job description

Are you a Principal Cyber Security Consultant ready to lead a team of Cyber Security Consultants to support decision making across the lifecycle of multiple complex projects? We, at Defence Equipment & Support (DE&S), currently have several exciting opportunities for Cyber Security Consultants to work within our Internal Technical Support (ITS) team. We provide specialist security and information assurance support to a huge variety of military projects and platforms. This covers combat aircraft and armoured vehicles to submarines, aircraft carriers and land-based communications. DE&S ensures the UK military have access to equipment with world leading capabilities that is resilient to cyber-attacks. This team makes a big difference to projects integral to supporting our Armed Forces!
Our team works closely with clients across a range of delivery teams as intelligent decision makers and subject matter experts (SMEs). Working within this challenging, fast-moving, and ever-changing environment, we offer great opportunities to develop your skills and knowledge with us to build a career in Cyber. You will be empowered to provide guidance and advice on areas including information risk management, architecture development, security accreditation, threat analysis, cryptography and information technology assessment within agreed time frames and budgets.
We are keen to attract, develop and retain Cyber Resilience specialists, therefore we will support and encourage your development in the following areas:

• Gaining Chartered Cyber Professional
• Knowledge of defence equipment & systems
• Knowledge and application of ICT/Security/Defence standards e.g. JSP/NIST/ISO27001 etc
• Information risk management
• Knowledge of evolving digital technology/applications e.g. AI/Digital twins/Quantum computing etc

You can choose your permanent workstation from the list below:
MOD Abbey Wood, Filton, Bristol, BS34 8JH
Kentigern House, 65 Brown Street, Glasgow, G2 8EX
RAF Waddington, Lincoln, Lincolnshire, LN5 9NB
HMNB Devonport, HM Naval Base, Devonport, Plymouth, PL2 2BG

MOD Manchester, Piccadilly Gate, Store Street, Manchester, M1 2WD
Please note, if MOD Abbey Wood, Bristol is not your permanent workstation, you will still be required to visit once a month. There will also be regular travel to other sites, both UK and overseas.

At DE&S, we champion flexible ways of working. Regular in-person attendance is required to promote the benefits of face-to-face collaboration alongside flexibility of hours to support work-life balance. Initially, you may be expected to attend more frequently to familiarise yourselves with the site, the team, and your role.

Due to the nature of security requirements, you may be required to undergo Developed Vetting (DV) clearance once in the post.

What you'll be doing

• Develop artefacts and evidence used in the assessment of cyber risk, and considering the implications of changes to equipment design, offering mitigation advice in the process
• Build strong working relationships across all areas of the business, including interfacing with authorities like the National Cyber Security Centre (NCSC)
• Engage with internal and external stakeholders, to gain an understanding of their requirements and translate these into an agreed set of deliverables and outputs
• Implement and effectively develop Cyber Security guidance, policy, and tools
• Convert business objectives into tangible outputs and support the mitigation of the strategic cyber risk

Person specification

To be successful with your application, you'll need to show that you meet the following essential criteria:

• You will hold a relevant Level 6 qualification (Degree) in a STEM related subject or clearly demonstrate equivalent experience
• You must hold professional registration with a recognised body such as BCS, Engineering Council or CIISec, or an equivalent internationally recognised body
• You will demonstrate to SFIA Consultancy Level 6 (SFIA Consultancy competence) and be a Member of the Institute of Consulting (MICS)
• You will hold qualifications in one of the following or equivalent: CESG Certified Professional / CISSP / CISM or with an equivalent internationally recognised body
• You will demonstrate experience and/or knowledge of applying recognised information security risk management frameworks such as ISO27005 or the NIST RMF, whilst demonstrating your ability to manage multiple projects and delivering to agreed expectations

In addition to the responsibilities above, the following technical competences and behaviours will be assessed at interview:

• Technical Risk Management (Expert)
• SFIA Framework - Consultancy (Level 6)
• Leadership
• Communicating and influencing

Benefits

• 25 days' annual leave +1 day a year up to 30 days, 8 bank holidays and a day off for the King's birthday
• Flexible and hybrid working options
• Market-leading average employer pension contribution of 27%
• Annual performance-based bonus and recognition awards
• Access to specialist training and funded qualifications
• Support for progression
• Huge range of discounts
• Volunteering days
• Enhanced parental leave schemes

Improving innovation and enriching our culture, diversity of thought is vital to our success. So whether you're looking for a new opportunity, a next step, or a helping hand as you return from a career break, bring your experiences and help deliver for the defence of tomorrow. Here you'll find a supportive, family-friendly organisation to be a part of - and if you need any assistance with your application, just let us know.