Reporting to the EMEA Information Security Officer, the Information Security Engineer will be responsible for the security engineering, accreditation, and lifecycle assurance of classified and sensitive IT systems. The role will support the design, implementation, operation, and continuous improvement of secure IT environments, ensuring compliance with UK Government, MoD, and Lockheed Martin security requirements.
The successful candidate will work closely with programme teams, architects, infrastructure engineers, accrediting authorities, and information assurance stakeholders to ensure security is embedded throughout the system lifecycle.
Key Responsibilities:
-
Lead the implementation of Secure by Design principles across classified IT systems and projects.
-
Provide security engineering expertise throughout the system development and operational lifecycle, ensuring security requirements are identified and implemented from concept through disposal.
-
Conduct security architecture reviews, threat assessments, and technical risk analysis for classified environments.
-
Support the development and maintenance of system security documentation, security architectures, and security operating procedures.
-
Lead and coordinate system accreditation activities for classified and sensitive systems.
-
Develop and maintain accreditation artefacts including Risk Management and Accreditation Documentation Sets (RMADS), Security Cases, Security Management Plans, and supporting evidence.
-
Work with Accreditors, Security Controllers, and customer security representatives to obtain and maintain Authority to Operate (ATO) approvals.
-
Ensure continued compliance with applicable regulatory, contractual, and customer security requirements throughout system operation.
-
Identify, assess, and mitigate cybersecurity risks within classified IT environments.
-
Conduct security assessments, vulnerability reviews, and compliance audits against corporate and government security standards.
-
Support risk treatment planning and remediation activities.
-
Ensure alignment with NCSC, MoD, JSP, NIST, and Lockheed Martin security policies and standards where applicable.
-
Support incident response investigations affecting classified systems.
-
Assist with vulnerability management, patch management, and security monitoring activities.
-
Participate in security reviews and technical investigations to identify root causes and corrective actions.
-
Provide technical guidance to system administrators and engineering teams on security controls and best practices.
-
Collaborate with programme managers, solution architects, IT teams, information assurance practitioners, and customer representatives.
-
Provide security guidance to project teams during system design, implementation, and operational support phases.
-
Support customer and regulatory audits and inspections.