Information Security Classified Networks Technical Lead

Location(s): UK, Europe & Africa : UK : Guildford

Job Title: Information Security Classified Networks Technical Assurance Lead

Location: Guildford, with some option for hybrid working.

We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.

What you’ll be doing

• Technical Risk Management – Conduct in-depth technical risk assessments of IT systems, networks, and applications in your area of responsibility. Identify potential vulnerabilities and recommend mitigation strategies.
• Accreditation and Compliance – Lead Accreditation and the continuation of accreditation work, interfacing with the IT team, Accreditor, and affected business units. Maintain accreditation and compliance with frameworks such as Secure by Design, NIST-800-53, STRAP.
• Security Testing – Scope and oversee penetration testing, vulnerability scanning, and other security validation activities to ensure the effectiveness of security controls.
• Design and Architecture Review – Assess the Information Security of IT architecture and system designs during project lifecycles, providing recommendations to ensure secure design principles are applied.
• Policy and Standards – Develop and enforce technical security policy, procedures, standards, and guidance to ensure effective implementation across projects and teams.
• Continuous Improvement – Identify gaps and areas for improvement in security controls and processes. Drive initiatives to enhance security assurance capabilities.
• Stakeholder Communication and Reporting – Provide detailed assurance reports to stakeholders, including Accreditors, Leadership, and Technical teams. Communicate technical risks and mitigation strategies effectively to both technical and non-technical audiences.
• Collaboration with Teams – Work closely with engineering, development, and operations teams to embed Information Security into workflows, fostering collaboration between IT support, assurance, governance, and risk management functions.
• Security Assurance Framework Development – Review and revise Information Security frameworks for assessing the security posture of systems, applications, and infrastructure, ensuring alignment with organizational objectives, industry standards, and compliance requirements.
• Promoting high security standards and integrity

Your skills and experiences

• Expert understanding of security concepts and principles (CIA triad, risk management, compliance frameworks applicable to classified networks and systems).
• Expert understanding and application of both UK government and defence Accreditation standards, including Secure by Design, NSCS/NPSA Risk Management, NIST800-53, STRAP, DEF STAN 05-138, ISO27001.
• Robust knowledge and experience in developing and reporting performance and risk metrics (e.g., KPIs/KRIs – Status Reporting and Dashboard for senior management).
• Strong organisational, time management, and diplomacy skills.
• Independent tasking and project completion with minimal supervision.
• Excellent analytical and problem-solving skills, as well as interpersonal skills to interact with users, team members, and senior management.
• Excellent written and verbal communications.
• Expert application of MS Office and other widely used office automation software.
• Experience in Government/List X/Facilities Security Clearance and Commercial security.
• Ability to obtain a high level of Government Security Clearance.
• Assist with any security tasks as deemed appropriate by the Head of Information Security or Chief Security Officer.
• Assist in promoting knowledge of industry security regulations and standards.
• Promote and ensure BAE Systems Behaviours.
• Must already hold UKSV with the ability to obtain Developed Vetting National Security Clearance.
• Must be a UK National.

Benefits

As well as a competitive pension scheme, BAE also offers employee share plans, an extensive range of flexible discounted health, wellbeing & lifestyle benefits, including a green car scheme, private health plans, and shopping discounts – you may also be eligible for an annual incentive.

The Information Security team is critical to BAE Systems. You will be part of a small, highly effective, and supportive team with a collaborative dynamic where team members can thrive.

Why BAE Systems?

This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities, and LGBTQ+ individuals.

We also want to ensure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example, dyslexia, autism, an anxiety disorder, etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must, as a minimum, achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.