Cybersecurity Operations Lead in Somerset

The primary purpose of the Cybersecurity Operation Lead (COL) is to work with the UWS Head of Engineering Operations to develop and optimise all non-IS and ‘product’ related development environments on which UWS solutions are developed and to manage the cyber posture of our deployed solutions within our customers' operational environment as part of the In-Services support phase.

Location(s): Templecombe or Bristol or Cheadle or Crawley

Responsibilities

• Management of the cyber posture of Business Managed Networks (BMNs), test benches, identify opportunities to mutualise, establish consistencies and achieve efficiencies.
• Ensure BMNs approval for operation and interconnections are authorised in accordance with the UK Corporate Security BMN process in collaboration with the UK Corporate Security function and UK Chief Information Security Officer (CISO).
• Monitor, audit and report on BMNs operation and maintenance activities to business stakeholders to determine alignment with the risk tolerance of the organisation.
• Define and ensure capabilities (tools, processes and roles) are in place for in-service support phase for solutions, projects and services.
• In coordination with legal and contracts teams, analyse cybersecurity specific contractual clauses, Security Aspect Letters, DEFCON’s and DEF STAN’s to quantify and capture Thales’ obligations.
• Support the procurement teams to evaluate suppliers’ cybersecurity maturity and ability to meet customer’s contractual obligations.
• Define the UWS UK business incident management process in coordination with the UWS CyDA/CyAM.
• Participate in resolution of cyber security incidents and crises related to deployed solutions, BMNs and suppliers including reporting in accordance with contractual obligations.
• Define and ensure secure disposal of solutions, BMNs and customer data in accordance with contractual obligations.
• In cooperation with the UWS CyDA conduct a Cyber security maturity assessment of UWS UK on an annual basis.
• Analyse results and provide cyber input into the Engineering Performance Plan (EPP) to support MYB process.
• Take ownership and manage delivery of EPP and Cyber objectives, report progress and outcomes.
• Developing the Cyber Security Management System (CSMS), associated RACI and cyber skills enhancements required across the UWS UK business.
• Act as part of a wider Engineering Operations team, focused on ensuring that the engineering management team are able to operate as efficiently as possible.

Qualifications

• Degree in Engineering, Computer Science or any other related field in university [preferably with a speciality in Cryptology, Control systems or Cybersecurity]

Required Skills

• Knowledge of relevant information security standards, e.g. UN-R155, UN-R156, ISO 21434, ISO 27001 and ISO 27005.
• Knowledge of Chorus 2.0 processes (or similar BMS/QMS) and the regulatory framework that Thales operates within.
• Familiar with data analysis, data processing and IT and cyber security.
• Leadership and team management: lead by example, inspire, motivate and engage teams, provide direction, support and develop individuals, delegate responsibilities, encourage collaboration.
• Problem evaluation: problem characterisation, problem structuring, analysing information, documenting evidence, interpreting data, presenting solutions.
• Driving success: taking action, seizing opportunities, pursuing goals, motivating others, building teams.
• Building collaboration: persuading and negotiating with own perspective, listening and engaging to other perspectives, working towards creating shared objectives and actions.
• Building network: identifying and meeting stakeholders, building relationships, establishing rapport, maintaining relationships, understanding people, valuing individuals.
• Communication: influencing people, articulating/translating information, creating and delivering communication plans.

Preferred Skills

• Knowledge of Thales business structures and processes.
• How UWS operates and how we use toolsets to promote efficiency (incl. Thales and UWS internal processes).