Cyber Delivery Assurance Lead

Join a leading Aviation company as a Cyber Delivery Assurance Lead.

• Will be working on the BA.com project
• Work closely with delivery teams and Cyber teams
• Work with the Architect to get reviews
• Experience with Gira, speak to the teams to get proof of what the teams have done and evidence
• Good communication skills, need to be able to speak technically and operationally

• Provide assurance to the Head of Cyber Delivery Assurance that product delivery and maintenance meet BA's risk appetite and that controls are operating effectively.
• Successfully embedding security by design with proportionate appropriate cyber controls aligned to risk.
• Senior stakeholder management (negotiation and influencing) across multinational organisations, including third party suppliers and delivery partners.
• Take full responsibility for the secure delivery of programmes, by assisting the product team by interpreting and embedding Cybersecurity policies, standards, guidelines and procedures into an agreed framework against all product team deliverables.
• Engage proactively with the
  Cybersecurity Office (CSO) project assurance and architecture functions, ensuring consistency and best cyber practice is adhered to.
• Provide authoritative advice and guidance on the application and operation of all types of security controls, including legislative or regulatory requirements.
• Advise users on risk management and reduction and promote awareness in conjunction with cyber awareness programmes.

• Broad technical knowledge of cybersecurity controls is demonstrated by attainment of appropriate qualifications, e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent.
• Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance.
• Experience working in an agile delivery environment would be highly advantageous.
• Specific cyber knowledge and demonstrable experience in at least one of the following areas: cloud security, network security, digital security (multi-platform), infrastructure security, security by design, security architecture
• Experience working in a regulated environment with specific cyber requirements that require interpretation and application.

Interview Process: 2 Rounds

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.