Information Assurance AnalystBristol, England; Milton Keynes, England
At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Boeing Defence UK (BDUK) is a subsidiary of the Boeing Company and currently employs over 1,200 people in the UK. BDUK is currently responsible for delivering support to a variety of Logistics Applications via the Support Chain Information Services (SCIS) contract. As part of the delivery of this contract the Information Assurance team provides assurance support to the MOD which encapsulates supporting a number of applications to the standards required by both Boeing and the SCIS contract.
An exciting opportunity has become available to join the BDUK Information Assurance Team as an Information Assurance Analyst.
The Information Assurance Analyst supports the maintenance of programme Information Security and Assurance activities for assigned systems to meet the programme and enterprise requirements, policies, standards, guidelines and procedures.
Ensures compliance with cybersecurity controls for assigned systems. Assists with and participates in Information Assurance and Security assessments and audits. Analyses and compiles assurance information, prepares and presents technical reports and briefings. Supports investigation and resolution of routine cybersecurity questions. Supports the implementation of enterprise-wide cybersecurity policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.
This position allows telecommuting with a mix of onsite and remote working available. However, the selected candidate will be required to spend some time onsite.
The successful candidate will need to have had recent practical experience in a high tempo working environment and be motivated to join an established Information Assurance team in the UK.
BDUK Information Assurance professionals are expected to work closely with their Information Assurance and Security counterparts to deliver an integrated and focused security effect. Experience of working with UK MOD organizations is preferred, and knowledge of Information Assurance and MOD Security policies such as JSP440 and JSP604 is desirable.
Assistance with Information Assurance and Security activities across the SCIS Programme, including regular interaction with customer Information Assurance and Security representatives.
Maintain and analyse statistical information on Information Assurance activities and compliance metrics.
Compiling and maintenance of information and artefacts (e.g. Data Privacy Impact Assessments, Bulk Data Assessments, Application Risk Registers) to MOD DART system to support accreditation activity and HMG security requirements.
Supports senior Information Assurance staff with portfolio wide security testing scoping and response requirements.
Preparing regular updates on progress against Information Assurance and Security deliverables and input to Information Assurance and Security bid proposals for the SCIS Programme.
Disseminate threat based information as well as provide ad hoc Information Assurance and Security advice and support to the SCIS Programme.
Assist the identification of Information Assurance and Security risks within information systems, support implementation of effective and risk balanced Information Assurance and Security measures, and compiles Risk Balance Cases as required.
Apply an ISO27001 framework, contribute to identification of risk through a technical risk assessment and a number of audits based on a pre-defined scope.
Liaison with internal and external stakeholders, customers, accreditors and technical authorities on routine matters, including attendance at Security Working Groups.
Support business and user focused security policies, procedures, processes and operational guidance for the compliant delivery of customer information security requirements.
Develop and maintain knowledge of technology (both hardware and software), threat actors, tools and techniques and the risk implications for information security.
Ideally qualified to degree level (or equivalent) or with relevant information security experience, particularly within a similar role in UK Government or Defence.
Relevant industry security certifications would be advantageous (e.g. SSCP, ISO27001 Auditor).
Essential knowledge and skills:
Knowledge of systems and security verification, validation, testing and evaluation approaches.
Understanding of information security Risk Assessments, Risk Treatment Plans and Risk Management and Accreditation Documents in accordance with ISO27001
Pragmatic approach to the recommendation of security controls.
Ability to plan, prioritise and manage workload under general supervision, with general instructions for special assignments.
The successful applicant must have an active, or be eligible to obtain, Security Clearance (SC)
Desirable knowledge and skills:
Knowledge and understanding of MOD and Government information security policy, standards and guidance.
Experience of working within a multinational matrix management environment/ structure and a large-scale, complex international organization, but also within small teams, would be highly advantageous.
Experience of working with and accrediting MOD Applications for deployment onto the Defence Network, including knowledge of various MOD publications such as JSP440, JSP604 etc. and tools such as DART.
Experience of participating in developing security solutions in response to customer requirements.
Understanding of data protection controls and practices, and awareness of wider regulations such as ITAR.
All information provided will be checked and may be verified.
Important information regarding this requisition: This position does not have sponsorship approval. This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants. Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.
PLEASE NOTE: The successful candidate will be expected to undergo a SECURITY CHECK/CLEARANCE
Boeing is implementing new requirements for employees to be fully vaccinated from COVID-19 or have an approved reasonable accommodation based on local legislation in several countries including U.S.-based employees. Please refer here for current vaccination and/or reasonable accommodation requirements, and timelines based on location.
Equal Opportunity Employer:
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
Contingent Upon Program Award
No, this position is not contingent upon program award