The role of a Cyber Strategy Consultant is to provide expertise and thought leadership in one or more technical areas related to Cyber security:
This role is incredibly varied, you could be doing any of the following:
Ensuring and Advising: Giving broad direction, supervising, and objective setting responsibility.
Responsible for business and/or technical leadership in specialisms.
Confident and assured presenting results of technical analysis to clients at all levels
Actively managing risks, actions, issues & dependencies (RAID) when appropriate
Producing technical demonstrations and code which are high quality, ‘client-ready’ and/or complex proofs of concept.
Contributing critical technical expertise and/or assurance into complex bids and technical sales activities.
Providing accurate estimates of technical effort required for a complex or novel tasks.
What background are we looking for?
Overall we are looking for a motivated, proactive and individual, self-sufficient in business skills The ability to juggle conflicting priorities and demands on time as well as the being able to effectively manage stakeholders (internal and customer) and their expectations is essential. Excellent communication skills in English (written and Oral) along with the ability to self-manage and work autonomously will enable you to excel in this role. Due to the nature of the role you must currently hold a UK SC clearance and be able to achieve a UKIC DV.
Depending on whether you specialise in either Threat Intelligence or Incident Response your days will also include:
Our Threat Intelligence team investigates some of the most complex state-sponsored threat actors and intrusions on a daily basis. We currently have a vacancy for a Threat Intelligence Researcher in our team. The successful candidate would be expected to support investigations, threat research and open source investigations for customers.
We are looking for candidates with a strong understanding of the threat landscape which can be applied to supporting customer needs.
Investigate cyber intrusions and threat activity as part of the global Threat Intelligence team.
Conduct research on threat actors (from hacktivist to criminal to state), and their tools, techniques, and procedures (TTPs) using commercial and open sources.
Produce finished intelligence reports related to state and criminal threats, with insights into attacker techniques and identified campaigns.
Provide clear and concise written responses to customer inquiries/requests, and brief customers on specific relevant threats.
Report on the threat landscape and provide relevant trend analysis and technical insights to customers and other stakeholders.
Work in a collaborative environment with other intelligence analysts, technical specialists, and customer facing consultants.
Experience tracking actors or campaigns and their associated tactics, techniques, and tools.
Strong understanding of the cyber threat landscape and ability to communicate relevant insights to customers.
Self-starter with ability to identify problems early and come up with solutions using own initiative.
Ability to demonstrate comprehensive, practical knowledge of research / collection skills and analytical methods.
Ability to write concisely and proficiently, and express complex technical and non-technical concepts verbally, graphically/visually, and in writing.
Ability to communicate complicated technical challenges in business language to a range of stakeholders.
Technical skills with an interest in one or more of the following: open source intelligence investigations, digital forensics, infrastructure analysis, threat hunting, or malware reverse engineering.
Experience in delivering intelligence led assessments such as CBEST or TIBER.
Familiarity with threat data analysis and automation/scripting.
Familiarity with visualisation tools such as Maltego.
Our Incidence Response team investigates some of the most complex nation state threat actors and intrusions on a daily basis.
The successful candidate would be expected to conduct forensic analysis of Windows, Linux and macOS systems, analyse log files such as firewall, proxy and DNS logs, lead incident response investigations, threat research and malware based investigations. Members of the Incident Response team are encouraged to learn about other areas of the wider business (such as Threat Intelligence and Security Testing), and there will be opportunities to cross train and upskill if the successful applicant is interested.
We are looking for candidates with a strong technical background and deep understanding of the threat landscape that can be applied during emergency response and ongoing threat research.
Lead the investigation of cyber-attacks against our customers as part of the global Incident Response team.
Development of tradecraft in investigating complex attacks and mentoring of new joiners.
Conduct forensic analysis of Windows, Linux and macOS systems.
Perform analysis of log files such as firewall, proxy and DNS logs.
Assessment of tools, techniques, and procedures of different actors from hacktivist to criminal to nation state.
Strong subject matter expertise on investigating and responding to cyber intrusions.
Two years or more experience in investigating complex network intrusions (by state-sponsored groups or targeted ransomware attacks).
Experience using forensic tools such as EnCase, Axiom and Cellebrite UFED.
Awareness of EDR tools such as Carbon Black Response, Microsoft Defender for Endpoint or Tanium.
Self-starter with ability to identify problems early and come up with solutions using own initiative.
Ability to communicate complicated technical challenges in business language for a range of stakeholders from IT teams to C-level executives.
Ability to write Incident Response reports concisely and proficiently, as well as use graphics to illustrate scenarios or datasets.
Knowledge of or willingness to learn scripting/programming languages such as Python, PowerShell and C#.
Familiarity with the threat landscape and knowledge of threat actors and campaigns.
Certifications such as CREST (CCIM, CCHIA, CCNIA or CCMRE) or GIAC (GCFE, GCFA, GNFA, GCIH or GREM) an advantage.
How we will support you:
Work-life balance is important; you’ll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before
Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more
You’ll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE
Don’t know a particular technology? Your learning and development is key to your future career
You’ll be part of our bonus scheme
You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing.
About BAE Systems Applied Intelligence:
We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes.
Our success is down to our people. The changing nature of our business means that we’re constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we’ll entrust you with responsibility; this means that you’ll have client contact, variety and support from day one.
We’ll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you’ll be much more than just a job title; you’ll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package.
Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. Staying competitive in today’s global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working.
Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Applied Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. https://www.gov.uk/guidance/security-vetting-and-clearance
Life at BAE Systems Applied Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.
Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.
About BAE Systems Applied Intelligence
We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
Division overview: Government
At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating.
As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
To apply for this job please visit career012.successfactors.eu.