Overview
PURPOSE OF JOB: To deliver Product Security programs for projects undertaken by the Company. The role requires continuous integration with other engineering streams. The Product Security Engineer will work with the other project design (software, hardware, mechanical, etc.) and support teams to ensure a systems orientated, integrated approach is taken with respect to the product security related development, verification and sustainment activities.
Location and Grade
Location: SA-Ed Parks or VIC-Melbourne Central Office
Grade: 6
Referral Fee Value: $3000
Responsibilities
* Develop (with guidance) or contribute to the development of Cyber and Product Security Risk Assessments. Maintain the Product Security Risk Assessments throughout the life of the project.
* Develop and manage Product Security requirements and documentation (System Security Plan, System & Subsystem Specifications, security controls database, design documents, component specifications, interface specifications, subcontractor Product Security requirements, etc.), including the regulatory and statutory requirements.
* Perform System Engineering activities for product security requirements including functional analysis, candidate solution development, system design, system analysis, integration, system tests, assessment tests and system accreditation.
* Develop and execute product security tests to verify that the implemented designs conform to specifications and to uncover vulnerabilities.
* Provide support for assurance that the design meets customer, regulatory and statutory requirements, applies good security industry practices, mitigates security risks to the agreed level and addresses hazards related to security; provide supporting documentation for the safety case.
* Maintain the design and its documentation in accordance with the applicable configuration management, change management and traceability processes.
* Provide realistic programme status, identify problem areas and implement agreed recovery plans.
Key Criteria
* Knowledge of commonly used Australian and Industry security standards and accreditation frameworks (eg. PSPF, DSPF, ISM, ISO 270001/2, NIST SPs, HB167-20006, RMF, OWASP, CIS) is advantageous.
* Experience within a Product and Cyber Security Engineering discipline encompassing physical, cyber and emissions security and cyber resilience concepts.
* Working knowledge of CISSP or GSEC and CISA or CRISC is desirable.
* Good knowledge of ICT vendors' technologies.
* Bachelor's degree in an Engineering discipline is desirable.
* Defence security clearance or eligibility to obtain and eligibility to be cleared for ITAR regulations.
Application and Other Notes
Please apply to Sara Milne online by close of business on the closing date. Your application should include a resume and, whilst not essential, a cover letter is preferred. It is also a business expectation to advise your line manager of your application. Please note that business impact will need to be considered and negotiated transition plans may be required for internal appointments. Employees are encouraged to refer others for this vacancy via the Employee Referral Scheme.
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Information Technology
Industries
* Defense and Space Manufacturing
Referrals increase your chances of interviewing at BAE Systems Australia. Get notified about new Product Security Engineer jobs in Edinburgh, South Australia, Australia.
#J-18808-Ljbffr