Job description
The Role
Cyber Security Governance and Risk Management
About the role
Your role is at the core of everything BMT does - from helping our customers with high quality cyber security consultancy and cyber assurance supporting our customers and clients.
As part of the growth of our existing successful cyber security risk and compliance team, new and exciting roles are available for cyber security specialists.
You will:
- Create and support risk assessments and security risk management processes.
- Develop information security management/governance systems.
- Communicate information security risks recommending appropriate risk treatment/mitigation to a variety of stakeholders.
- Provide security-related design advice, guidance and recommendations to project teams and customers (following Secure by Design principles).
- Apply your knowledge and skills to projects achieving suitable security accreditation or compliance with security policies and standards.
- Work with the wider BMT engineering specialists in delivering cyber assurance to all BMT projects.
In terms of location, we have offices in Bath, Bristol, London, Teddington, Plymouth, Weymouth and Fareham, and we are happy to explore flexible and hybrid working arrangements. Please note that some travel to customer sites or to attend meetings will be required. This role is available part-time, job-share or full time. This is because we want the best people for our roles, and we recognise that sometimes those people aren’t available full-time.
About you
Please note, this role is reserved for sole UK Nationals only and employees must be prepared to hold UK government security clearance.
We are looking for experienced cyber security specialists aligned with SFIA Information Assurance: Level 5 who must have experience in:
- Working for Government departments, in particular Defence.
- Cyber Security Governance and Risk Management
It would also be desirable if you have experience in:
- Cyber Security Audit & Assurance (but not full-time security auditors)
- Secure by Design principles and implementation.
Our work is directly customer focused, your ability to present and articulate technically complex work clearly to stakeholders with differing levels of technical knowledge is important.
Knowledge of national or international standards such as NIST, ISO27000, and DCPP / Cyber Essentials would be advantageous but not essential.
We value professional qualifications and professional registration with appropriate institutions and can provide support and training for you to achieve them. Team members typically hold, or are working towards, CISSP, Chartership, or the Senior level CCP qualification in Security & Information Risk Advice.
About BMT
BMT is a maritime-orientated high-end design house and technical consulting firm driven by a passion for solving complex, real-world problems. To find out more about BMT .
BMT is open and committed to discussing flexible working. We believe that everyone performs at their best when they have the flexibility to make working for BMT work best for them.
BMT hires talented people and welcomes applications from everyone. We particularly welcome applications from Black, Asian, Minority ethnic, female, and non-binary candidates as we are underrepresented in these groups.
We know that diversity, equity, and inclusion is critical to achieving our purpose as a business which is to navigate the most important and impactful engineering challenges of our time (to find out more ). Our passion and goal are to build more diverse teams and to create an environment where employees are engaged, thriving, and feel a sense of belonging.
Benefits
At BMT, our employee benefits are designed to ensure you have the resources you need to thrive.
In addition to a competitive salary, we offer a wide range of benefits in areas including health, family, finance, and personal development.
Don’t hesitate to ask more about our benefits during the hiring process.
Apply online
Does this sound like you? If so, please submit your application as soon as possible. We look forward to learning more about you.
A message to recruitment agencies: We receive applications exclusively via our ATS. Please note that we do not accept CVs submitted via email to the HR department or staff within our Operational teams. We will not progress CVs shared on a speculative basis by email and you accept our right to pursue such candidates with no obligation to third-party terms and conditions or liability to a fee.