Secure by Design Consultant
Morson EdgeSecure by Design Consultant
Yeovil - 90% onsite (may be flexible)
Up to £86.11 per hour, OUTSIDE IR35
6 months initially
Active SC clearance and sole British citizenship required due to security restrictions
We are supporting a major defence aviation programme looking for an experienced Secure by Design/Cyber Security Consultant to join a long-term engineering delivery programme.
This role will support the delivery of cyber and information security activities across the engineering life cycle, helping ensure products and systems are secure by design and aligned to customer, MOD and regulatory requirements.
You will work closely with engineering teams, architects, security stakeholders and customers within a highly regulated defence environment.
Key responsibilities:
Deliver Secure by Design and cyber security activities across the engineering life cycle
Conduct cyber security risk assessments and threat modelling activities
Support development of security artefacts including RMADS, SyOPs, risk registers and security management documentation
Participate in Security Working Groups and stakeholder engagements
Support product security, system security and security architecture activities
Work with engineering and programme teams to ensure security controls are appropriately implemented
Support security assurance, verification and compliance activities
Identify and manage security risks, issues and remediation activities
Key experience required:
Experience working within defence, aerospace, aviation or highly regulated environments
Strong understanding of Secure by Design principles
Experience with security risk assessments, threat modelling and security assurance
Experience supporting security activities across the engineering life cycle
Knowledge of MOD and industry security standards/frameworks such as NIST, JSPs, Def Stan or ISO27001
Experience working closely with technical engineering and delivery teams
Strong stakeholder engagement and communication skills
Desirable:
Experience producing accreditation/security artefacts such as RMADS or SyOPs
Product security or security architecture experience
Experience within aviation or aerospace programmes
CISSP, CISM, SABSA or similar certifications