About

• Job Title: Cyber Risk & Assurance Assessor
• Salary: Up to £65,000 dependent on skills and experience
• Location: Scotstoun - We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role

What you’ll be doing

• Delivery of Cyber Security Assessments/Audits against internal control framework
• Conduct Risk Assessments of IT and OT systems with the business stakeholders
• Manage risk remediation activities to within risk tolerance
• Co-ordinate penetration tests of systems in your scope as per the penetration testing schedule
• Support delivery of sweeps using Technical Surveillance Counter Measures (TSCM) equipment
• Support the business to develop cyber capability through the delivery of training
• Coach other team members and wider IT on Cyber security controls and best practice
• Support cyber security awareness via events and other activities in the business

Your skills and experiences

Essential

• In-depth knowledge of industry standard security policy, standards (preferably NIST 800-53) and good practice guidance and their application to a variety of IT solutions processing protectively marked information.
• IT Security assurance experience, dealing with security risk, requirements, technologies and architectures.
• Experience in risk management and the application of risk management methodologies, as well as in-depth knowledge of cyber risk management: threats, vulnerabilities and risk mitigations techniques
• Experience of conducting cyber security audits or assessments systems against comprehensive cyber security standards

Desirable

• CISSP, CISA/CISM or ISO27001 certification
• Experience with Operational Technology

Benefits

• As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive.

The Cyber Assurance Team

• Join a growing team where you’ll take ownership of core cyber assurance activities. You will deliver cyber security assessments to ensure IT and OT systems are secure and have effective Cyber controls, measure and manage cyber risk, and oversee penetration testing and vulnerability analysis to drive mitigation actions. To be able to do this effectively you will work closely with stakeholders throughout the business whilst promoting security, and build emerging cyber capabilities — including developing your skills in TSCM technologies.
• Why BAE Systems?
• This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
• Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.
• Closing Date: 5th March 2026
• We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
• #LI-AP1
• #LI-hybrid