Cyber Security Governance and Risk Management

Job Description

Cyber Security Governance and Risk Management

BMT is dedicated to tackling the most crucial engineering challenges of our era, fostering an environment where individuals with exceptional technical expertise provide meaningful, practical solutions. Committed to creating a safer, more efficient, effective, and sustainable future, BMT values diversity, equity, and inclusion, recognizing their pivotal role in achieving our business purpose. Learn more about BMT at www.bmt.org.

Why Work for Us?

Joining BMT means gaining access to a comprehensive set of employee benefits designed to empower your success. In addition to a competitive salary, our offerings encompass health, family, finance, and personal development, including:

• Private Medical (family coverage)
• Enhanced Pension
• Flexible Working
• Wellbeing Fund – an annual fund for personal hobbies or interests
• 26 Days Annual Leave (plus bank holidays)
• Holiday Trading
• Retail Vouchers
• Professional Subscriptions

At BMT, we pride ourselves on being a verified flexible workplace, providing freedom and choice. Learn more about our flexible status at Flexa Careers.

About the role

Your role is at the core of everything BMT does - from helping our customers with high quality cyber security consultancy and cyber assurance supporting our customers and clients.

As part of the growth of our existing successful cyber security risk and compliance team, new and exciting roles are available for cyber security specialists.

You will:

• Create and support risk assessments and security risk management processes.
• Develop information security management/governance systems.
• Communicate information security risks recommending appropriate risk treatment/mitigation to a variety of stakeholders.
• Provide security-related design advice, guidance and recommendations to project teams and customers (following Secure by Design principles).
• Apply your knowledge and skills to projects achieving suitable security accreditation or compliance with security policies and standards.
• Work with the wider BMT engineering specialists in delivering cyber assurance to all BMT projects.

Hybrid: home and office/customer site based. We have offices in Bath, Bristol, Fareham, London, Plymouth and Weymouth. We will consider Full and Part Time applications. Please note this role will require up to two days onsite.

About you

Please note, this role is reserved for sole UK Nationals only and employees must be prepared to hold UK government security clearance. A requirement of this, is sole UK Nationality since birth.

We are looking for experienced cyber security specialists aligned with SFIA Information Assurance: Level 5 who must have experience in:

• Working for Government departments, in particular Defence.
• Cyber Security Governance and Risk Management

It would also be desirable if you have experience in:

• Cyber Security Audit & Assurance (but not full-time security auditors)
• Secure by Design principles and implementation.

Our work is directly customer focused, your ability to present and articulate technically complex work clearly to stakeholders with differing levels of technical knowledge is important.

Knowledge of national or international standards such as NIST, ISO27000, and DCPP / Cyber Essentials would be advantageous but not essential.

We value professional qualifications and professional registration with appropriate institutions and can provide support and training for you to achieve them. Team members typically hold, or are working towards, CISSP, Chartership, or the Senior level CCP qualification in Security & Information Risk Advice.

What's Next?

If you are ready to contribute your skills and passion to a dynamic team addressing impactful challenges, we invite you to apply for this exciting opportunity with BMT. Join us in shaping a safer, more efficient, and sustainable future.

A message to recruitment agencies: We receive applications exclusively via our ATS. Please note that we do not accept CVs submitted via email to the HR department or staff within our Operational teams. We will not progress CVs shared on a speculative basis by email and you accept our right to pursue such candidates with no obligation to third-party terms and conditions or liability to a fee.