Job DescriptionAt Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.Introduction:Boeing Defence UK (BDUK) is a subsidiary of the Boeing Company and currently employs over 1,200 people in the UK. BDUK is currently responsible for delivering support to a variety of Logistics Applications via the Support Chain Information Services (SCIS) contract, and is transitioning to its successor, the Bridging the Gap (BtG) contract. As part of the delivery of these contracts, the Information Assurance team provides assurance support to the MOD, encapsulating support for a number of applications to the standards required by both Boeing and the Authority contract.An exciting opportunity has become available to join the BDUK Information Assurance Team as an Junior Information Assurance Analyst in support of the new BtG contract.Role:The Information Assurance Analyst supports the maintenance of programme Information Security and Assurance activities for assigned systems to meet the programme and enterprise requirements, policies, standards, guidelines and procedures. The post works under the Information Assurance Team Lead and works with the MOD IS Programme Manager.The post is located primarily in Bristol, offering a hybrid mix of remote/telecommuting and on-site working. The successful candidate will also be required to provide representation at MOD Corsham on a regular basis both remotely and in person.The successful candidate will need to have recent practical experience in a high tempo working environment and be motivated to join an established Information Assurance team in the UK.BDUK Information Assurance professionals are expected to work closely with their Information Assurance and Security counterparts to deliver an integrated and focused security effect. Experience of working with UK MOD organizations is helpful, and knowledge of Information Assurance and MOD Security policies such as JSP440 and JSP604 is desirable.Role Activities:Support the IA Team Lead in maintenance of the IA&SMP, RMADS and other relevant security documentation;Provide advice and guidance on applicable security policy and technical solutions to internal and external partners;Facilitate the completion of and timely presentation of the accreditation evidence to the Authority Accreditor;Support accreditation of the Core IMS and associated activity;Lead on accreditation of IS within the Portfolio, primarily Amber and Green channel cases;Identification and recording of risks related to IS from the Portfolio;Management of risk register entries, presentation of entries to relevant partners, and customer concern through appropriate channels if requiredAppraisals of system specific security testing, evaluation and certification activities in conjunction with the Authority;Collaboration within the SCIS DP to identify hardware or software security vulnerabilities, malicious software and other security related weaknesses including the areas of obsolescence, patching and anti-virus;Ensuring the SCIS DP follows the procedures detailed in JSP440 Leaflet 15 and the SCIS DP Forensic Readiness Plan in reporting of hardware or software vulnerabilities, incidents or weaknesses in accordance with reasonable instruction of the Authority Accreditor;Perform auditing activity against all applicable aspects of the programme within scope of ISO27001, to schedule as defined in the contract and as directed by the IA Team Lead;Provide Impact Assessments for changes as presented by PMO Team and Project Managers;Representation of assurance interests at standing meetings including project gates, accreditation and risk reviews, application working groups, impact assessments, etc;Ensure presentation of SyOPs for IS from the Portfolio is in accordance with contractual obligations.Work Authorisation: This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants. Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.Typical Qualifications/Education:Ideally qualified to degree level (or equivalent) or with relevant information security experience, particularly within a similar role in UK Government or Defence.Relevant industry security certifications would be advantageous (e.g. SSCP, ISO27001 Auditor).Essential knowledge and skills:Knowledge of systems and security verification, validation, testing and evaluation approaches.Understanding of information security Risk Assessments, Risk Treatment Plans and Risk Management and Accreditation Documents in accordance with ISO27001Pragmatic approach to the recommendation of security controls.Ability to plan, prioritise and run workload under general supervision, with general instructions for special assignments.The successful applicant must have an active, or be eligible to obtain, Security Clearance (SC)Desirable knowledge and skills:Knowledge and understanding of MOD and Government information security policy, standards and guidance.Experience of working within a multinational matrix management environment/ structure and a large-scale, sophisticated international organization, but also within small teams, would be highly helpful.Experience of working with and accrediting MOD Applications for deployment onto the Defence Network, including knowledge of various MOD publications such as JSP440, JSP604 etc. and tools such as DART.Experience of participating in developing security solutions in response to customer requirements.Understanding of data protection controls and practices, and awareness of wider regulations such as ITAR.Equal Opportunity Employer:Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.