Cyber Assurance Manager - Compliance
Job Title: Cyber Assurance Manager - Compliance
Job Location: Preston or London - Hybrid - Travel to sites as and when needed. Ideally onsite at their contractual site once a week. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Referral Scheme Bonus: £1,000
Grade: GG12
You’re expected to have completed 12 months in role prior to applying for an advertised vacancy and you should also discuss the internal opportunity with your line manager to ensure sustained business continuity and to further support your career development.
We know there may be exceptional individual circumstances that impact this, in the first instance please discuss this with your line manager.
If you don’t feel you can talk to your Line Manager, you can contact your HRBP.
Please note: should you be invited for interview, you acknowledge that the Recruitment team will contact you and your line manager regarding your application for this opportunity.
Role Description:
Management, oversight and preparation of Group-level cyber compliance and certifications, overseeing audit readiness. SME skillset in both technology and risk management practices in Assurance, as well as networking with and managing stakeholders throughout the business to meet compliance certification requirements in a robust and timely fashion.
Core Duties:
- Supporting the Head of Cyber Assurance to manage and deliver Compliance assurance
- Management and input to the GCSS, ensuring clarity on compliance requirements, auditing and certification schedules and direct engagement with required stakeholders
- Support certification engagement in planning, agreement and implementation of compliance standards ensuring audit readiness
- Assist with and develop the build and implementation of the cyber compliance assurance framework in line with industry standards, with knowledge of ‘what good looks like’
- Significant stakeholder management to work collaboratively across BAE Systems to develop, maintain, and embed best practice in business-as-usual operations. This includes Group GRC & cybersecurity teams, line-of-business IT teams, auditors and other stakeholders
- Providing SME support on compliance standards, internal standards, policies, and Secure by Design (SbD) principles, while meeting all legal and regulatory obligations
- Develop and embed Assurance, Compliance and Progress Reporting using Excel and Tableau
- Support the development and embedding of Assurance tooling
Essential Skills:
- Knowledge in Cyber Security, Information Security or Information Technology
- Experience in a Governance, Risk, Compliance, and Assurance (GRC&A) role, ideally within a large or complex organisation
- Specialist knowledge of MOD/DOD Compliance standards: DCC/MoD SAQs, SWIFT, Fin Assurance, CE+, etc
- Some experience of managing and improving Risk Assurance frameworks
- Providing second line Assurance oversight independent to operational management
- Experience with cyber risk management and compliance with cyber security standards and certification requirements such as NIST 800-53, SOC 2, CSM (UK MOD), ISO 27000 etc
- Experience in sectors such as defence, government, banking, or utilities
The Group Cyber Assurance and Compliance team:
We currently have an opportunity for a Cyber Assurance Manager – Compliance to join our team. As a Cyber Assurance Manager, you will support the Head of Cyber Assurance to deliver cyber security compliance assurance across all Business Units. This will involve maturing and performing independent L2 Control testing and Assurance, Continuous Control Monitoring and Maturity Assessments, and overseeing the L1 assurance assessment and remediation programs schedule, including Exception and Risk Acceptance Governance in line with our Compliance requirements, to oversee audit readiness.
Why BAE Systems?
Here you’ll build a career with purpose and limitless possibilities. With lifelong learning and meaningful work - this is a place where you can grow your career with confidence and be empowered to be your best. You’ll be recognised for your contribution and enjoy rewards tailored to what’s most important to you and your family - support for your financial and personal wellbeing, as well as a balanced lifestyle. In an environment embracing sustainable ways of working and with a strong sense of shared purpose, our supportive culture is a place where you can feel you belong and be proud of the difference you make.
We welcome applications from all suitably qualified people, who are BAE Systems employees and have been in their current role for 12 months or longer.
A place where everyone can thrive:
We’re committed to building an inclusive workplace where everyone feels valued and supported. We know that a diversity of backgrounds, perspectives and experiences strengthens our teams and is vital to the work we do.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.