Home > Specialisms > Cyber Security

Cyber Security

As a Cisco Security Partner, aap3 provide fully supported security solutions and certified security professionals. Having inhouse cyber security certified consultants gives us a clear understanding of client’s needs alongside advanced vetting procedures. It has never been more important to be safe, secure and compliant.


Principal Engineer – Product Security (PSec Analyst)

  • Surrey
  • Contract
  • £61.00 - £66.00 per hour

Principal Engineer - Product Security (PSec Analyst) Role Summary We have an exciting new contract opportunity based in Frimley as a Principal Engineer - Product Security (PSec Analyst). The role will be an initial 12 month contract and will provide you with focal point for security and information risk matters and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed.

Principal Engineer – Product Security (PSec Analyst)

Role Summary

We have an exciting new contract opportunity based in Frimley as a Principal Engineer – Product Security (PSec Analyst).

The role will be an initial 12 month contract and will provide you with focal point for security and information risk matters and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed.

Key Responsibilities

  • They will be able to support the appropriate Delegated Technical Authority (dTA) and/or Design Authority (DA) to ensure the delivered solutions meet the specified contractual and regulatory requirements and can be operated securely, correctly and safely.
  • They will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance.
  • The PSA consultant engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk management, to be able to identify, analyse and evaluate information risks.
  • They will be able to speak knowledgably and credibly with customer, user and internal stakeholders to explain the causes of information risks, their likelihood and potential operational and business impacts.
  • They will be able to document and present risk management options to the business and participate in discussions on options.

The PSA principal engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies.

Key skills & qualifications

  • Knowledge of Product Security activities in the defence, maritime or closely linked domain and have a comprehensive understanding of how potential threats will be managed and the potential impact on the platform and systems
  • Knowledge of the complete engineering lifecycle with some experience of operating in a number of phases.
  • Have a strong awareness of Product Safety and SHE.
  • Good communication skills and be able to interact with stakeholders
  • Provides technical leadership, coaches and mentors others. May lead a team of engineers

What we’re looking for in you

Excellent verbal and written communication skills.

Well-developed analytical/ problem solving/ decision making skills.

Strong organisational skills who is adaptable in a fast-paced environment.

Stakeholder management skills.

Computer or DSE Work, Drug & Alcohol Test, Working from Home During Covid, Prolonged Sitting

Location: Frimley

Rate: £66.00 per hour (INSIDE IR35)

AAP3 is acting as an Employment Business in relation to this vacancy.


Principal Engineer – Product Security (PSec Analyst)

  • Surrey
  • Contract
  • £61.00 - £66.00 per hour

Principal Engineer - Product Security (PSec Analyst) Role Summary We have an exciting new contract opportunity based in Frimley as a Principal Engineer - Product Security (PSec Analyst). The role will be an initial 12 month contract and will provide you with focal point for security and information risk matters and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed.

Principal Engineer – Product Security (PSec Analyst)

Role Summary

We have an exciting new contract opportunity based in Frimley as a Principal Engineer – Product Security (PSec Analyst).

The role will be an initial 12 month contract and will provide you with focal point for security and information risk matters and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed.

Key Responsibilities

  • They will be able to support the appropriate Delegated Technical Authority (dTA) and/or Design Authority (DA) to ensure the delivered solutions meet the specified contractual and regulatory requirements and can be operated securely, correctly and safely.
  • They will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance.
  • The PSA consultant engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk management, to be able to identify, analyse and evaluate information risks.
  • They will be able to speak knowledgably and credibly with customer, user and internal stakeholders to explain the causes of information risks, their likelihood and potential operational and business impacts.
  • They will be able to document and present risk management options to the business and participate in discussions on options.

The PSA principal engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies.

Key skills & qualifications

  • Knowledge of Product Security activities in the defence, maritime or closely linked domain and have a comprehensive understanding of how potential threats will be managed and the potential impact on the platform and systems
  • Knowledge of the complete engineering lifecycle with some experience of operating in a number of phases.
  • Have a strong awareness of Product Safety and SHE.
  • Good communication skills and be able to interact with stakeholders
  • Provides technical leadership, coaches and mentors others. May lead a team of engineers

What we’re looking for in you

Excellent verbal and written communication skills.

Well-developed analytical/ problem solving/ decision making skills.

Strong organisational skills who is adaptable in a fast-paced environment.

Stakeholder management skills.

Computer or DSE Work, Drug & Alcohol Test, Working from Home During Covid, Prolonged Sitting

Location: Frimley

Rate: £66.00 per hour (INSIDE IR35)

AAP3 is acting as an Employment Business in relation to this vacancy.


Security Assurance Manager

  • Hampshire
  • Contract
  • £44.00 - £48.00 per hour

Information Security Assurance Manager Role Summary We have an exciting new contract opportunity based in Portsmouth as a Information Security Assurance Manager. The role will be an initial 7 month contract and will provide you with the opportunity to work across all branches of security functions and external supplier site locations, supporting the delivery and application of security in support of Programme delivery.

Information Security Assurance Manager

Role Summary

We have an exciting new contract opportunity based in Portsmouth as a Information Security Assurance Manager.

The role will be an initial 7 month contract and will provide you with the opportunity to work across all branches of security functions and external supplier site locations, supporting the delivery and application of security in support of Programme delivery.

Key Responsibilities

  • Ensuring demonstrable compliance with the requirements of the Defence Cyber Protection Partnership and generating Security Aspects Letters in line with HMG Policy
  • Overseeing security tasks and coordinating information security supplier assurance team services and audit based on relevant policies, standards, procedures and best practices of the assigned work stream(s).
  • Ensuring demonstrable compliance with defence industry contractual security requirements, not limited to; the Defence Federal Acquisition Regulation Supplement (DFARS), NATO and OCCAR
  • Managing security incidents in conjunction with Information Security team, including the investigation of incidents and remedial action
  • Influence the security culture by raising security awareness amongst employees, management and suppliers, modelling behaviours that demonstrate BAE Systems values.
  • Generate a business network appropriate to specific role requirements and maintaining positive relationships to ensure information security is at the forefront of business decisions
  • Creating a positive security culture through the design and delivery of information security training and awareness across the Maritime Services business in accordance with the information security programme
  • Authoritative communication of security assurance aspects as appropriate to programmes, partners and suppliers and engender continuous improvement to embed an effective security culture
  • Conduct and review security assessments and define operational requirements for the assigned work stream to protect critical information assets.
  • Lead information security risk assessments and track remedial activities through to resolution to improve information security performance
  • The Analysis of Information Security Requirements and the assessment of compliance with these requirements, developing action plans to address identified non-compliances
  • Providing security guidance on new supplier and evaluations for the supply base, including guidance on classification of both BAE Systems proprietary and government security classified information.
  • Authoritative communication of security aspects and effective management of the information security supplier assurance team as appropriate to support programmes, partners and suppliers and engender continuous improvement to embed an effective security culture.
  • Proactive engagement with commercial and bid teams to ensure appropriate security planning is managed to reflect regulatory, contractual and policy requirements for supplier downs.

Key skills & qualifications

  • Relevant degree or demonstable experience in Security or Supply Chain related subject.
  • Industry recognized Information Security, Supply Chain or audit Qualification is highly desirable.
  • Two years experience in a similar role.
  • Demonstrable knowledge and experience of Information Security principles and processes (ISO27001/2, NIST)
  • Demonstrable knowledge and experience of Supply Chain principles and processes.
  • Working towards Information Security or Supply Chain qualification e.g. MSc, CISM, CISSP, CIPS is highy desirable.
  • Demonstrate good oral and written communication skills; able to communicate effectively.
  • Experience within UK Defence industry and associated security frameworks is highly desirable
  • Knowledge and understanding of UK Government Security Classifications

What we’re looking for in you

Excellent verbal and written communication skills.

Well-developed analytical/ problem solving/ decision making skills.

Strong organisational skills who is adaptable in a fast-paced environment.

Stakeholder management skills.

Location: Portsmouth

Rate: £48.70 per hour – INSIDE OF IR35

AAP3 is acting as an Employment Business in relation to this vacancy.


Product Security Engineer

  • Hampshire
  • Permanent
  • £57.00 - £61.00 per hour

Job Description Purpose of role: To ensure Information Assurance and Security across multiple programmes across the Maritime Sector. This will include, liaising with projects, system accreditors, producing IA documentation such as RMADS, providing advice and guidance to shape the technical solution and ensuring projects have common security processes in place.

This role is CONFIRMED to be inside IR35

Responsibilities:

  • Major Tasks and Activities:
  1. Manage the Accreditation of a number of Maritime programmes at varying points in the lifecycle.
    1. Liaise with the system accreditor(s) to manage expectations and ensure that IA requirements are met and risk is reduced to acceptable level.
    2. Determine the IA Strategy for each project including how requirements will be flowed down to suppliers
    3. Influence and shape the technical design for each product to build security into the design from the beginning.
    4. Ensure project security is in place including arrangement between suppliers and partners and for reference rigs.
    5. Support functional IA activities.

Key Outputs/Deliverables: Business Unit

    • Producing and collecting Accreditation Documentation
    • Inputting sections of the Bid Proposal Document
    • Contribution to the wider IA Special Interest Group

The Individual:

Key Technical Skills

  • Solid engineering experience and background
  • Flexible to new challenges and skills
  • Attention to detail and able to identify priority areas of focus.

Company/Industry Knowledge:

  • Experience of or working in information assurance (particularly if working with UK/NATO/International standards) would be an advantage.
  • Experience of working within a large engineering programme would be an advantage.

Qualifications:

  • CCP qualifications or experience of competencies of practitioner level in ‘Security & Information Risk Advisor’ and/or Senior IA Architect role would be an advantage.
  • Must have completed an IAS1&2 Training Course

For more information on both contract and permanent roles via aap3, industry news and updates, check out our brand new website, follow our aap3 Recruitment page on Linkedin and follow us on twitter @aap3recruitment


Product Security Engineer

  • Hampshire
  • Permanent
  • £57.00 - £61.00 per hour

Job Description Purpose of role: To ensure Information Assurance and Security across multiple programmes across the Maritime Sector. This will include, liaising with projects, system accreditors, producing IA documentation such as RMADS, providing advice and guidance to shape the technical solution and ensuring projects have common security processes in place.

Responsibilities:

  • Major Tasks and Activities:
  1. Manage the Accreditation of a number of Maritime programmes at varying points in the lifecycle.
    1. Liaise with the system accreditor(s) to manage expectations and ensure that IA requirements are met and risk is reduced to acceptable level.
    2. Determine the IA Strategy for each project including how requirements will be flowed down to suppliers
    3. Influence and shape the technical design for each product to build security into the design from the beginning.
    4. Ensure project security is in place including arrangement between suppliers and partners and for reference rigs.
    5. Support functional IA activities.

Key Outputs/Deliverables: Business Unit

    • Producing and collecting Accreditation Documentation
    • Inputting sections of the Bid Proposal Document
    • Contribution to the wider IA Special Interest Group

For more information on both contract and permanent roles via aap3, industry news and updates, check out our brand new website, follow our aap3 Recruitment page on Linkedin and follow us on twitter @aap3recruitment


Senior Project Planner

  • Glasgow
  • Contract
  • £35.00 - £40.00 per hour

Senior Project Planner Role Summary We have an exciting new contract opportunity based in Scotstoun as a Senior Project Planner. The role will be an initial 6 month contract and will provide you with the opportunity to be responsible for the development and definition of Level 1 or Level 2 schedules from Statement Of Work (SOW) / Project Control Account (CA) requirements aligning to the naval Ships.

Senior Project Planner

Role Summary

We have an exciting new contract opportunity based in Scotstoun as a Senior Project Planner.

The role will be an initial 6 month contract and will provide you with the opportunity to be responsible for the development and definition of Level 1 or Level 2 schedules from Statement Of Work (SOW) / Project Control Account (CA) requirements aligning to the naval Ships.

Key Responsibilities

  • Translation of the ship design into Level 1/Level 2 schedules, logic, resourcing & budget
  • Responsible for delivery of an enabled network schedule in line with the Integrated Master Schedule, declared cardinal dates and Quarterly look-ahead aspirations
  • Responsible for the allocation of task budgets & alignment of workscope budgets with Project/CAM (Control Account Manager) targets
  • Accountable for maintaining quality standards within Plans and compliance to governance measures
  • Provide key support and guidance to the CAM and IPT Managers through regular engagement and a visible presence “on the Floor” as the project moves through all phases, Engineering, Supply Chain, Build, Commissioning and Acceptance
  • Be informed and able to validate, advise & challenge progress & completion forecasts, identifying schedule risk and required enablers
  • Maintain a focus on the customer needs coupled with a desire to remove non value added activities and establish best practice
  • Verify that functional outputs comply with business quality standards
  • Represent Lead Planner on certain occasions i.e. annual leave, delegated authority at meetings
  • Mentor and educate newer planners and apprentices in Planning and Shipbuilding practices to ensure their output meets functional/business quality standards

Key skills & qualifications

  • Comprehensive understanding of Planning Tools, key operating principles and other Integrated Business Systems (IBS)
  • Strong understanding of network techniques and scheduling principles
  • Proficient knowledge of Planning structures and principles (Work Breakdown Structure (WBS), Product Breakdown Strucutre (PBS) etc.)
  • The job holder demonstrates advanced IT skills and is proficient in the use of appropriate packages. (Primavera, Microsoft Office, etc)
  • 5-10 years Planning experience desired or demonstrated skills
  • Detailed knowledge of the business phases of engineering, supply chain, Build, Commissioning and Acceptance
  • Understanding of Ship build manufacture processes across the build cycle and delivery requirements of Engineering & Supply Chain to support
  • Understanding of Engineering, Supply Chain & Operations requirements & processes to ensure delivery of incoming/outgoing data is appropriate and to standard
  • Understanding of cross-functional process interfaces and impact on functional delivery & quality
  • Understanding and compliance with Company HR,SHE, & Quality policies and processes

What we’re looking for in you

Excellent verbal and written communication skills.

Well-developed analytical/ problem solving/ decision making skills.

Strong organisational skills who is adaptable in a fast-paced environment.

Stakeholder management skills.

Location: Scotstoun

Rate: 39.88 per hour (INSIDE OF IR35)

AAP3 is acting as an Employment Business in relation to this vacancy.


IT Security Assurance Lead

  • Hampshire
  • Contract
  • £61.00 - £66.00 per hour

IT Security Assurance Lead Role Summary We have an exciting new contract opportunity working from home as a IT Security Assurance Lead. The role will be an initial 12 month contract and will provide you with the opportunity to monitor key critical security controls within the estate to ensure effectiveness and identifying where failings are occurring.

IT Security Assurance Lead

Role Summary

We have an exciting new contract opportunity working from home as a IT Security Assurance Lead.

The role will be an initial 12 month contract and will provide you with the opportunity to monitor key critical security controls within the estate to ensure effectiveness and identifying where failings are occurring.

Key Responsibilities

  • Monitoring key critical security controls within the estate to ensure effectiveness and identifying where failings are occurring
  • Maintaining an operational overview of all security controls required to meet compliance with regulatory, HMG accreditation and company polices and standards. Where failures of effectiveness occur they are to be identified as findings and tracked to resolution
  • Auditing and Assuring Third Party Service Providers (Inc. DXC, Cloud service providers, Telefonica and Capita etc) against operational security requirements as defined in their contracts and where appropriate
  • Assessing as required to assist and implement any regulatory frameworks are met and implemented such as ISO20000, ISO27001 and CE+
  • Organising and overseeing internal and external Pen tests to assess control effectiveness and support compliance and accreditation requirements
  • Working in conjunction with the EITS Service Operations Teams to manage the security aspects of service delivery of UK Service Providers including representing Information Security in Service Review Meetings
  • Reviewing and assuring externally provided Security Services to maximise the service benefits; recommending changes and improvements as appropriate (Inc. GSOC, UK SOC, Outpost 24 and McAfee)
  • Contributing to root cause analyses of major security incidents and following security findings through to completion with Business Group, SI and Service Provider stakeholders
  • Assuring the security impact of changes to the enterprise IT infrastructure and recommending remedial actions to ensure compliance and HMG security policy and standards
  • Assisting with security reporting providing evidence of assurance around key security control effectiveness
  • Representing the Information Security Authority at monthly Tow er Service Reviews where specific security issues need to be review ed or addressed

Key skills & qualifications

  • Strong track records of auditing or assuring the security of services in the Government sector (or commercial organisations bound by HMG standards)
  • Strong analytical background with the ability to analyse and interpret large and complex data sets and articulate observations, conclusions and recommendations to senior audiences
  • In-depth know ledge of HMG and industry standard security policy, standards and good practice guidance and their application to a variety of IT solutions processing protectively marked information
  • Wide ranging know ledge of application, infrastructure and security technologies and in-depth know ledge of implementing them in a secure configuration
  • Educated to degree level (or equivalent) preferably in a related discipline

  • CLAS or CISSP/CISA/CISM qualification desirable but not essential
  • Strong communication skills with the ability to communicate complex subjects to a variety of audiences, pulling out key issues and decision points
  • Excellent negotiation and interpersonal skills for managing relationships with internal and external stakeholders and dealing with escalations
  • Capable of a very high standard of written communication including experience of writing complex reports and giving formal presentations
  • Ability to work autonomously and manage workload and priorities based on demand from multiple different projects and initiatives
  • Strong team working ethic and strives to meet personal and team objectives

What we’re looking for in you

Excellent verbal and written communication skills.

Well-developed analytical/ problem solving/ decision making skills.

Strong organisational skills who is adaptable in a fast-paced environment.

Stakeholder management skills.

Location: Working from home

Rate: £66.85 per hour (INSIDE OF IR35)

AAP3 is acting as an Employment Business in relation to this vacancy.


Product Security Engineer

  • Hampshire
  • Contract
  • £55.00 - £60.00 per hour

An exciting new Product Security Engineer position to be based in Portsmouth.

Purpose of role:

To ensure Information Assurance and Security across multiple programmes across the Maritime Sector. This will include, liaising with projects, system accreditors, producing IA documentation such as RMADS, providing advice and guidance to shape the technical solution and ensuring projects have common security processes in place.

Additional Key Accountabilities:

  • Keep up to date in relevant IA standards, process and technologies, develop skills and capabilities to be able to provide more effective services
  • Provide help and direction to less experienced team members to support both their effective working and their development.
  • Support the IA special interest group by sharing best practise

Major Tasks and Activities:

  • Manage the Accreditation of a number of Maritime programmes at varying points in the lifecycle.
  • Liaise with the system accreditor(s) to manage expectations and ensure that IA requirements are met and risk is reduced to acceptable level.
  • Determine the IA Strategy for each project including how requirements will be flowed down to suppliers
  • Influence and shape the technical design for each product to build security into the design from the beginning.
  • Ensure project security is in place including arrangement between suppliers and partners and for reference rigs.
  • Support functional IA activities.

The Individual

  • Solid engineering experience and background
  • Flexible to new challenges and skills
  • Attention to detail and able to identify priority areas of focus.
  • Experience of or working in information assurance (particularly if working with UK/NATO/International standards) would be an advantage.
  • Experience of working within a large engineering programme would be an advantage.
  • CCP qualifications or experience of competencies of practitioner level in ‘Security & Information Risk Advisor’ and/or Senior IA Architect role would be an advantage.
  • Must have completed an IAS1&2 Training Course

AAP3 is acting as an Employment Business in relation to this vacancy.


Asset Administrator

  • Gloucestershire
  • Permanent
  • £30000 - £35000.00 per annum

Opportunity for an Asset Administrator/ Asset Manager with this leading global organization in the defence sector. You will need to hold current SC Clearance for this role

Asset Administrator: asset administration, asset manager, asset management, procurement, SC Cleared, Security Clearance

Opportunity for an Asset Administrator with this leading global organisation in the defence and cyber sector based from their Gloucester office.

For this role you will need to hold current SC Clearance for this role.

Experience in Asset administration/ Asset Management is sought.

In the role you will manage and administer the asset life-cycle for the team from procurement, logging & labeling, assets in/ out right through to disposal.

Key responsibilities

  • Procure items requested within agreed procedure
  • Ensure assets are labelled, stored and managed inline with customer requirements for compliance
  • Verify asses to be procured with Project Manager/ Technical lead
  • From supply chain obtain quotes, place orders and manage goods in, materials and invoicing
  • Itemise and track subsets of assets
  • Identify risks and issues and report to Project Manager

Experience required:

  • Excellent MS Office skills: Excel, Word, Outlook, PowerPoint
  • Strong attention to detail
  • Excellent customer facing and communication skills
  • Thrive in a fast paced environment and able to work independently and prioritise
  • Well motivated, organised and methodical – can do approach
  • Current SC Clearance and eligible for DV clearance and happy to undergo background checks
  • Strong team working skills

Asset Administrator: asset administration, asset manager, asset management, procurement, SC Cleared, Security Clearance

For more information on both contract and permanent roles via aap3 Recruitment, industry news and updates, check out our new website, follow our aap3 Defence & Aerospace Recruitment page on Linkedin and follow us on twitter @aap3recruitment


Principal Product Security Engineer x 3

  • Dorset
  • Contract
  • £60.00 - £65.00 per hour

The PSA Principal Engineer will be a focal point for security and information risk matters within the Product Security Engineering (PSyE) team and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed and supported through-life.

They will be able to support the appropriate authorities/management to ensure the delivered solutions meetthe specified contractual and regulatory requirements and can be operated securely, correctly and safely. They will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance.

The PSA Principal Engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk management, to be able to identify, analyse and evaluate information risks. They will be able to speak knowledgably and credibly with customer, user and internal stakeholders to explain the causes of information risks, their likelihood and potential operational and business impacts. They will be able to document and present risk management options to the business and participate in discussions.

The PSA Principal Engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies.

Responsibilities

The PSA Principal Engineer will be responsible for, or provide input to the following typical key deliverables, dependent on the role and the place the project is in the engineering lifecycle:

  • Risk Management Accreditation Document Set (RMADS).
  • Security Strategy and other accreditation documentation
  • Captured and agreed technical requirements in accordance with company and programme processes.
  • Compliant technical solutions against contractual requirements and regulations.
  • Technical input and appropriate consideration of product security activities and issues for LCM deliverables and Design Reviews, including Sub-Contract Design Reviews.
  • Captured and agreed input to appropriate Verification and Qualification Plans.
  • Specialist advice and contribution to other project documentation, such as Training Needs Analysis (TNA), Technical Publications, Cyber Incident Plans and Operating Instructions (list is not exhaustive).

Skills/Qualifications

  • Degree (or equivalent experience) in a relevant STEM subject or Information Security related.
  • Holds NCSC CCP SIRA status (or able to achieve)
  • Good understanding of information security principles and is able to advise on the potential impact to Product Systems.
  • Experience of Product Security Engineering activities in the defence, maritime or closely linked domain.
  • Knowledge of security related activities required to support the engineering lifecycle with experience of operating in the phase relevant to the role.
  • Proven experience of assessing and managing information risk in line with industry good practice.
  • Experience of assessing and advising on controls to support Product Safety.
  • Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar).
  • Supports and contributes to information security professional bodies and industry forums.
  • Can demonstrate experience of mentoring and/or providing support to others.
  • Is a member of a professional institute
  • Can demonstrate continuous improvement, professional development and awareness of current industry good practice.

PLEASE NOTE: This role has been confirmed as being INSIDE IR35.

AAP3 is acting as an Employment Business in relation to this vacancy.