The following job is no longer available:
Aviation Security Risk and Compliance Engineer
Aviation Security Risk and Compliance Engineer
Aviation Security Risk and Compliance Engineer
Posted 18 days ago
- London, Greater London
- Any
- External
- Expired - 2 months ago
Aviation Security Risk and Compliance Engineer Inmarsat Inmarsat is the leading satellite service provider, offering mobile satellite communication services and delivering reliable, seamless global connectivity.
View company page
On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner and continues to power the digitalisation of them maritime industry, making operations more efficient and safer than ever before.About ViasatViasatis a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are—on the ground, in the air or at sea, while building a sustainable future in space.Platforms & Software (P&S)The Platformsand Software (P&S)division maintains a centre of excellence for technology and broader infrastructure-related innovation, translating market needs into core expansion programmes to enable market development. We ensure that products and services are constantly pushing the boundaries of satellite communications. The P&S team is responsible for delivering development programmes, including satellites and launchers, ground infrastructure (ground stations, networks, user terminals and access technology), regulatory, market access and product and service development.Job DescriptionPrimary role purpose:The Aviation Security Risk and Compliance Engineer will work within a small team within the Platforms and Software Services group who are responsible for software platforms, infrastructure, and development to support current and future demand for Inflight Connectivity Services.As a Security Risk and Compliance Engineer, you will play a crucial role in ensuring the safety and security of our organization's systems and data. With the constant threat of cyber attacks and the ever-evolving regulatory landscape, your expertise in security risk management and compliance will help us maintain a robust security posture.In this role, you will be responsible for identifying potential vulnerabilities and risks, conducting risk assessments, and implementing appropriate security controls. You will also be involved in reviewing and updating security policies and procedures, as well as collaborating with internal teams and external stakeholders to ensure security best practices and compliance with industry regulations and standards.The role requires close working with industry partners including aircraft manufacturers (i.e. Airbus and Boeing), avionics suppliers and airlines. Representing Viasat as a technical expert in meetings with these partners/customers and must be capable of dealing confidently with experts in similar and adjacent disciplines.If you are a detail-oriented professional with a strong analytical mindset and a passion for security, this is an excellent opportunity to contribute to the safety and success of our services. Join us and be part of a dynamic and rewarding environment where your skills will make a real difference.Key Responsibilities:Develop and maintain a comprehensive security risk management frameworkWrite technical and business and compliance documentation/reports.Provide subject matter expertise to project, delivery teams and Platform Operations teams.Provide project driven support for Aircraft Network Security functions and help ensure these are delivered on time and within budget and complaint to applicable regulations by Steering and Auditing internal and external contributors.Form strong technical relationships with peers at satcom avionic manufacturers, airframers, ESA, and Inmarsat service providers to help Manage for infrastructure implementation, verification, and change management securityContribution towards relevant internal standards and configuration templates.Conduct regular risk assessments identifying vulnerabilities, threats and remediationsLiaising with Cyber Security teams on reporting on network and security advisoriesOwn & Audit the enforcement of security controls and measures to mitigate identified risksReview and recommend updates to security policies and/or procedures/standards to ensure compliance with industry regulations and best practicesCollaborate with internal teams to establish security requirements for new systems and applicationsMonitor and analyse security incidents and perform incident response activitiesWork with others within the Technology and Operations teams to achieve aboveQualificationsEssential Knowledge and Skills:You must be eligible to work in this location advertisedIn-depth knowledge of security frameworks, such as NIST, ISO 27001, and PCI DSSProven experience in security risk management & compliance in ISO 27001, GDPR, PCI DSSStrong understanding of network security principles and practicesExperience in conducting risk assessments and threat modellingGenerally proficient in Linux operating systems (e.g., Red Hat, CentOS, Alma, ubuntu)Familiarity with security technologies, including firewalls, intrusion detection systems, and encryption techniquesAbility to work in a team environmentand be able to prioritise own scheduleAbility to work under pressure and show flexibility when requiredWillingness to learn new skills and be self-motivate.Professional certifications, such as CISSP, CISA, or CRISC, similarExperience in the identification and capture of IT functional and non-functional requirements for large, complex projectsStrong inter-personal skills including the ability to establish & maintain relationships & trustAbility to work in a complex, international matrix organization alongside 3rd-partiesDesirable Knowledge and Skills:Demonstrable knowledge of national and international legislation & regulatory frameworks (EASA, ICAO, FAA etc) as well as the bodies that set the standards (BSi, LAA, CEN etc)Knowledge of aeronautical Air Traffic Service domain in areas such as standards (e.g. ARINC, RTCA, Eurocae), or CertificationProven experience in security risk management and compliance within the aviation industryBachelor's degree in Computer Science, Information Security, or a related fieldKnowledge of ancillary network tools monitoring / troubleshooting tools like Wireshark would be advantageousScripting knowledgeKnowledge of PKIKnowledge of networking technology including routers, switches, and firewallsGood knowledge of software development and engineering techniquesKnowledge of Inmarsat and other satellite communications systemsAdditional InformationYou must be eligible to work in this location advertised.Our culture and ways of workingOur values define our culture and represent what we believe in. Employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation.Accountability – we take ownership, we deliver results, and we keep our promisesRespect – we collaborate, we embrace and celebrate diversity and we value differenceExcellence – we create bold solutions for our customers and put quality at the heartof everything we doWe also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments.DiversityWe want the best people for the job, and we warmly welcome applications from you if you’re suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status.We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities.To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you’re visually impaired we’ll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
View company page
On May 31, 2023, Viasat completed its acquisition of Inmarsat, combining the teams, technologies and resources of the two companies to create a new global communications partner and continues to power the digitalisation of them maritime industry, making operations more efficient and safer than ever before.About ViasatViasatis a global communications company that believes everyone and everything in the world can be connected. With offices in 24 countries around the world, our mission shapes how consumers, businesses, governments and militaries around the world communicate and connect. Viasat is developing the ultimate global communications network to power high-quality, reliable, secure, affordable, fast connections to positively impact people's lives anywhere they are—on the ground, in the air or at sea, while building a sustainable future in space.Platforms & Software (P&S)The Platformsand Software (P&S)division maintains a centre of excellence for technology and broader infrastructure-related innovation, translating market needs into core expansion programmes to enable market development. We ensure that products and services are constantly pushing the boundaries of satellite communications. The P&S team is responsible for delivering development programmes, including satellites and launchers, ground infrastructure (ground stations, networks, user terminals and access technology), regulatory, market access and product and service development.Job DescriptionPrimary role purpose:The Aviation Security Risk and Compliance Engineer will work within a small team within the Platforms and Software Services group who are responsible for software platforms, infrastructure, and development to support current and future demand for Inflight Connectivity Services.As a Security Risk and Compliance Engineer, you will play a crucial role in ensuring the safety and security of our organization's systems and data. With the constant threat of cyber attacks and the ever-evolving regulatory landscape, your expertise in security risk management and compliance will help us maintain a robust security posture.In this role, you will be responsible for identifying potential vulnerabilities and risks, conducting risk assessments, and implementing appropriate security controls. You will also be involved in reviewing and updating security policies and procedures, as well as collaborating with internal teams and external stakeholders to ensure security best practices and compliance with industry regulations and standards.The role requires close working with industry partners including aircraft manufacturers (i.e. Airbus and Boeing), avionics suppliers and airlines. Representing Viasat as a technical expert in meetings with these partners/customers and must be capable of dealing confidently with experts in similar and adjacent disciplines.If you are a detail-oriented professional with a strong analytical mindset and a passion for security, this is an excellent opportunity to contribute to the safety and success of our services. Join us and be part of a dynamic and rewarding environment where your skills will make a real difference.Key Responsibilities:Develop and maintain a comprehensive security risk management frameworkWrite technical and business and compliance documentation/reports.Provide subject matter expertise to project, delivery teams and Platform Operations teams.Provide project driven support for Aircraft Network Security functions and help ensure these are delivered on time and within budget and complaint to applicable regulations by Steering and Auditing internal and external contributors.Form strong technical relationships with peers at satcom avionic manufacturers, airframers, ESA, and Inmarsat service providers to help Manage for infrastructure implementation, verification, and change management securityContribution towards relevant internal standards and configuration templates.Conduct regular risk assessments identifying vulnerabilities, threats and remediationsLiaising with Cyber Security teams on reporting on network and security advisoriesOwn & Audit the enforcement of security controls and measures to mitigate identified risksReview and recommend updates to security policies and/or procedures/standards to ensure compliance with industry regulations and best practicesCollaborate with internal teams to establish security requirements for new systems and applicationsMonitor and analyse security incidents and perform incident response activitiesWork with others within the Technology and Operations teams to achieve aboveQualificationsEssential Knowledge and Skills:You must be eligible to work in this location advertisedIn-depth knowledge of security frameworks, such as NIST, ISO 27001, and PCI DSSProven experience in security risk management & compliance in ISO 27001, GDPR, PCI DSSStrong understanding of network security principles and practicesExperience in conducting risk assessments and threat modellingGenerally proficient in Linux operating systems (e.g., Red Hat, CentOS, Alma, ubuntu)Familiarity with security technologies, including firewalls, intrusion detection systems, and encryption techniquesAbility to work in a team environmentand be able to prioritise own scheduleAbility to work under pressure and show flexibility when requiredWillingness to learn new skills and be self-motivate.Professional certifications, such as CISSP, CISA, or CRISC, similarExperience in the identification and capture of IT functional and non-functional requirements for large, complex projectsStrong inter-personal skills including the ability to establish & maintain relationships & trustAbility to work in a complex, international matrix organization alongside 3rd-partiesDesirable Knowledge and Skills:Demonstrable knowledge of national and international legislation & regulatory frameworks (EASA, ICAO, FAA etc) as well as the bodies that set the standards (BSi, LAA, CEN etc)Knowledge of aeronautical Air Traffic Service domain in areas such as standards (e.g. ARINC, RTCA, Eurocae), or CertificationProven experience in security risk management and compliance within the aviation industryBachelor's degree in Computer Science, Information Security, or a related fieldKnowledge of ancillary network tools monitoring / troubleshooting tools like Wireshark would be advantageousScripting knowledgeKnowledge of PKIKnowledge of networking technology including routers, switches, and firewallsGood knowledge of software development and engineering techniquesKnowledge of Inmarsat and other satellite communications systemsAdditional InformationYou must be eligible to work in this location advertised.Our culture and ways of workingOur values define our culture and represent what we believe in. Employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation.Accountability – we take ownership, we deliver results, and we keep our promisesRespect – we collaborate, we embrace and celebrate diversity and we value differenceExcellence – we create bold solutions for our customers and put quality at the heartof everything we doWe also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments.DiversityWe want the best people for the job, and we warmly welcome applications from you if you’re suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status.We are signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities.To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you’re visually impaired we’ll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
