Join to apply for the
Product Security Engineer
role at
BAE Systems Australia
.
Role location: SA-Ed Parks or VIC-Melbourne Central Office
Grade: 6
Referral Fee Value: $3000
Purpose of Job
To deliver Product Security programs for projects undertaken by the Company. The role requires continuous integration with other engineering streams. The Product Security Engineer will work with the other project design (software, hardware, mechanical, etc.) and support teams to ensure a systems orientated, integrated approach is taken with respect to the product security related development, verification and sustainment activities.
Principal accountabilities
Develop (with guidance) or contribute to the development of Cyber and Product Security Risk Assessments. Maintain the Product Security Risk Assessments throughout the life of the project.
Develop and manage Product Security requirements and documentation (System Security Plan, System & Subsystem Specifications, security controls database, design documents, component specifications, interface specifications, subcontractor Product Security requirements, etc.), including regulatory and statutory requirements.
Perform System Engineering activities for product security requirements including functional analysis, candidate solution development, system design, system analysis, integration, system tests, assessment tests and system accreditation.
Develop and execute product security tests to verify that the implemented designs conform to specifications and to uncover vulnerabilities.
Provide support for assurance that the design meets customer, regulatory and statutory requirements, applies valuable security industry practices, mitigates security risks to the agreed level and addresses hazards related to security; provide supporting documentation for the safety case.
Maintain the design and its documentation in accordance with the applicable configuration management, change management and traceability processes.
Provide realistic programme status, identify problem areas and implement agreed recovery plans.
Key criteria
Knowledge of commonly used Australian and Industry security standards and accreditation frameworks (e.g., PSPF, DSPF, ISM, ISO 27001/2, NIST SP, HB167-20006, RMF, OWASP, CIS) is advantageous.
Experience within a Product and Cyber Security Engineering discipline encompassing physical, cyber and emissions security and cyber resilience concepts.
Working knowledge of CISSP or GSEC and CISA or CRISC is desirable.
Good knowledge of ICT vendors' technologies.
Bachelor's degree in an Engineering discipline is desirable.
Defence security clearance or eligibility to obtain and eligibility to be cleared for ITAR regulations.
Note: Please apply to Sara Milne online by close of business on the closing date. Your application should include a resume; a cover letter is preferred. It is a business expectation to advise your line manager of your application.
Note: Business impact will need to be considered and negotiated transition plans will be required for internal appointments.
Employees are encouraged to refer others for this vacancy – refer to the Employee Referral Scheme for eligibility and instructions on how to use our online referral portal. Internal applicants will be given priority.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries: Defense and Space Manufacturing
#J-18808-Ljbffr
📌 Product Security Engineer
🏢 BAE Systems Australia
📍 Australia