Senior Cyber Security Consultant/ Risk

Job Description

Competitive Salary + 25 Days Holiday + Birthday Day Off + Pension + Benefits

Clearance Level: Full-time Hold a current government security vetting at SC level (or be eligible)

Role and Responsibilities: 

Our client is an end-to-end Cybersecurity group who are going through a period of growth. This role is working within their consulting team supporting new and existing clients across various sectors to define and implement security architectures and solutions to match requirements. You will be working in close partnership with clients to ensure the delivery of expert services complementing in-house Information and Cyber Security resources and bringing an expertise in information Security Risk Management with good technical ability combined with the skills to deliver business risk advice at all levels of the client organisation.


The role: 

As a Cyber Security Consultant, you will be required to undertake security risk assessments within an Agile software delivery lifecycle framework. You will possess a good technical background and have experience in delivering complex and innovative risk management plans using a range of skills and knowledge to include workshops to deliver risk discovery, risk assessment and risk treatment activities. You will have excellent verbal and written communication skills with the ability to articulate risk to both business risk owners and technical product owners at a senior level. You will be working with our clients to identify risks and consider appropriate controls to mitigate those risks, working with agile teams to ensure risks are understood and continually managed whilst delivering value to end users as quickly as possible and allowing business risk owners to make fully informed risk-based decisions.


General Responsibilities:

• Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite.

• produce informative and succinct reporting that clearly articulates any identified vulnerabilities and associated risks.

• Facilitate workshops with the various Authority departments, to align with wider HMG transformational Security and risk management outcomes.

• provide accurate and pragmatic remediation/risk management guidance/advice. To be epic at the role you will …

• Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005. • Have Knowledge of risk assessment in and agile delivery environment

• Be skilled in workshop facilitation particularly risk identification and assessment.

• Exceptional team working ethic and interpersonal skills

• Good level of knowledge of the cyber security industry

• Have a good understanding of modern IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, and Infrastructure technologies and demonstrate an understanding of security architecture

• As a team we’re always looking to raise the bar, learn new things and incorporate new technologies and you will too! You’ll share your knowledge with the team, our clients and the wider group community, contributing to Group blogs and undertaking research related to technology enhancements.

Desirable Skills, Experience and Certifications • CISSP or CISM • CRISC certification • Experience of working in an HMG environment • Good knowledge of NCSC guidance • CCP SIRA – preferably at Senior level.