Information Security Engineer

  • Job ref:


  • Location:

    Portsmouth, Hampshire

  • Sector:


  • Job type:


  • Salary:

    £36000 - £50000 per annum + Excellent

  • Contact:

    Harry Garvin

  • Email:

  • Published:

    almost 2 years ago

  • Consultant:


Information Security (Infosec) Engineer


Salary: £36,000 - £50,000pa

Location: Portsmouth

A global aerospace and defence organisation are seeking an Information Security Engineer to join a highly-skilled Combat Systems team, to work with advanced technology to minimise the risk of both cyber threats and social attacks.

As an Information Security Engineer, you will be tasked with ensuring our products across the Maritime Sector are secure by design, achieve security accreditation and maintain security through-life.

This role will provide you with the opportunity to liaise with stakeholders, influence engineering design, produce documentation in support of accreditation, provide advice and guidance to shape technical solutions and support embedding our security culture across the business.

Responsibilities - Information Security Engineer

  • Designing and shaping the technical security architecture of a number of strategically important products to ensure they are secure by design

  • Liaising with the system accreditor(s) and stakeholders to manage expectations and ensure that security requirements are met and risk is reduced to acceptable level

  • Determining of the security principles for the project solution to work within

  • Producing documentation such as product security architecture and Risk Management Accredited Document Set - (RMADS) for support of accreditation. Collecting evidence for the security case

  • Inputting security sections of bid proposal documents and producing estimates, and security principle frameworks

  • Contributing to the wider Product Security Function - delivering training, presenting at Special Interest groups, improving processes

  • Keeping up to date in relevant security standards, process and technologies, develop skills and capabilities to be able to provide more effective services

  • Supporting the product security Special Interest Group by sharing best practice

Skills and qualifications - Information Security Engineer


  • Fundamental understanding of computer technologies, how they are networked together, different protocols, operating systems and applications

  • Good knowledge and understanding of security risk assessments and RMADS (Risk Management Accredited Document Set) or alternatively other formal security risk assessments or audits such as ISO 27000 family of standards, JSPs, NIST (National Institute of Standards in Technology) etc.


  • Systems engineering experience and background

  • Ability to identify and investigate technology to understand the security flaws and how to mitigate them

  • Good technical understanding of systems and how their security aspects are applied and affect performance

  • An understanding of Defence Standards/Security Regulations