Location(s): UK, Europe & Africa : UK : Guildford || UK, Europe & Africa : UK : Frimley 

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Job Title: Lead Technical Engineer

Location: Guildford, Frimley - We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role

Who we are

Join BAE Systems and you’ll be part of something bigger. As a valued member of our global colleague network, you’ll bring your unique skills and perspectives to help pioneer progress and protect what matters most. You’ll be trusted to play your part in delivering the advanced, technology-led defence, aerospace and security solutions of tomorrow - shaping a safer future, for all of us.

From the depths of the ocean, to the far reaches of space - there’s no limit to where a career at BAE Systems could take you.

Role Description 

BAE Systems have been contracted to undertake the design and build of a dedicated Security Operations Centre (SOC) to support the cyber defence of a major international defence programme.  The information, systems and networks to be protected will be a mix of Microsoft Cloud services and on-premises data centres straddling multiple regions and classification levels.

We are looking for a talented and enthusiastic individual with excellent technical and client-facing skills, to act as Lead Technical Engineer to lead high and low level design work for Security Operations Centre solutions delivered to customers.  This is a mid level role and the individual will be expected to lead technology designs utilising small teams.

• Leading the design of a range of security and security related solutions across High level designs, Low level design and Deployment Level Designs, including specification of interfaces between solution components.
• Support the design and configuration of a range of security tools, such as: Splunk and Sentinel SIEM, Nessus Vulnerability management, Microsoft XDR and other as appropriate
• Specify infrastructure requirements (RAM, Disk, CPU, Network bandwidth) for security tools.
• Support the creation and establishment of both cloud hosting and containers, and OnPrem hosted VM’s and containers, apply security controls and compliance frameworks.
• Support the design and configuration of network security devices, network routers and switches, establishment of VLANs, DNS and identity management capability
• Support deployment of security tools to both cloud hosting and containers, and OnPrem hosted VM’s and containers
• Develop test procedures to test solutions meet functional and non-functional requirements
• Support creation and maintenance of requirements and user stories and ensuring that all user stories and requirements are tracked and traceable to solution components.
• Oversee deployment / implementation activities ensuring that entry criteria are met, all planned activities are completed and that rollback plans are initiated where required.
• Review and approve all required documentation as part of a release or change including design, deployment, configuration and administration guides.
• The role is a cyber technical specialist with knowledge of the Cyber Monitoring technologies and cyber threat tools, tactics, techniques and procedures.
• Develop test procedures to test solutions meet functional and non-functional requirements
• Generalist Technical SME to support deployment and configuration of various tools including Jira and Cribl

Core Duties 

• Knowledge and experience of design, build, deployment and operation of SOC technology including at least two of SIEM, SOAR, EDR, Vulnerability Management, Threat Intelligence, to identify signs of an intrusion.
• Experience deploying and configuring applications in a performant manner on cloud and / or OnPrem to support high data ingest rates.
• Proven delivery and experience leading conducting onboarding activities onto a SIEM
• Knowledge of OnPrem architectures & design including:
• Security controls and detection tools.
• Networking and Secure network architectures
• Understanding of OSI and TCP/IP models.
• IP addressing, subnetting, and routing protocols.
• Knowledge of LAN/WAN configurations and network security (ACLs, VLANs).
• Compute Services
• Storage Services
• Understanding of security best practices (least privilege, encryption).
• Understanding how to design scalable and resilient architectures.
• OS installation and administration (Windows and Linux).
• Cybersecurity Fundamentals
• Understanding of common threats (malware, phishing, DDoS) and mitigation techniques.
• Proficiency in risk assessment and vulnerability management.
• Security Systems Administration
• Experience managing endpoint security solutions (antivirus, EDR tools).
• Proficiency in user access control (Active Directory, LDAP).
• Ability to configure and maintain secure system policies (hardening servers).
• Other
• Understanding of typical Security Operations Organisation Structures, Policy and Processes.

• Good knowledge and experience of common Enterprise ICT services.
• Detailed understanding of threat intelligence and threat actors, TTPs and operationalising threat intelligence.

The Team

We work hard and often go the extra mile, but we recognise people’s efforts and that everyone has a life outside of work. We encourage people to speak up if they want to rotate to a new project.

Why BAE Systems

This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture which values diversity, rewards integrity and merit, and where you’ll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently under-represented within our industry including women, ethnic minorities, people with disabilities and LGBTQ+ individuals

We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions such as your nationality, any nationalities which you previously may have held and your place of birth can restrict the roles you are able to perform within the organisation.

All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years  of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

Life at BAE Systems Digital Intelligence 

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.

By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.