Must hold current government security vetting at DV level, UK resident, UK Citizen by birth, Knowledge of risk management frameworks, Previous experience with Security Assurance in MOD, Desirable: Central Government Experience, NCSC Certified Cyber Professional/CISSP/CISM, ISO 27001:2013 Lead Auditor/Implementor, Agile project delivery.
Key responsabilities:
Implement security risk assessment and best practices
Lead, advise and implement risk management frameworks
Maintain awareness of vulnerabilities and best practices
Work cross-functionally to support project delivery
Contribute to research related to technology enhancements
Remote with travel to South East England or other customer sites as required
Role Requirements:
Must hold a current government security vetting at DV level
Must be currently resident in the UK
Must by UK Citizen by birth
Demonstrable knowledge of risk management frameworks and implementation of frameworks within organisations
Previously delivered Security Assurance with the MOD
Desirable
Central Government Experience
NCSC Certified Cyber Professional/ CISSP/ CISM
ISO 27001:2013(22) Lead Auditor/Implementor
Delivering Security within agile projects
Reward Package:
Salary Package - £65,000 - £80,000 DOE
25 days annual holiday + Birthday off in addition and option to buy/sell additional 5 days
Company Pension Scheme
Private medical Cover
Life Assurance
Extensive non-taxable benefits
THE ROLE
This is an exciting opportunity to join our world class Consultancy arm, as a Senior/Lead Cyber Security Risk Consultant, supporting the next phase of Cyberfort’s growth. You’ll be joining a culture of knowledge sharing and continuous learning with expert peers in Secure Architecture and Risk planning. We work across a number of sectors with a diverse client base. We aim to create an environment where everyone can reach their full potential. We work together, we are passionate, creative, and we embrace difference.
In this role you’ll work within our Consulting team, supporting new and existing clients across various sectors to define and implement security risk assessment and best practice solutions that match their requirements. You’ll work in close partnership with clients to ensure the delivery of expert services by complementing their inhouse Information and Cyber Security resources combining expertise in information security, solution architecture and business advice.
As a Security Consultant, you will be involved in a variety of work which may include responsibility for leading, advising and implementing risk management frameworks, Information Security Management Systems, Enterprise Security Risk Management (2nd line assurance), 1st line identification of risks relating to Security Architecture, maintaining an awareness of published vulnerabilities and best practices across various platforms, especially cloud infrastructures, leading and delivering security assurance coordinator activities, providing Security & Information Risk Advice. Working across the business and multiple technology platforms, you will play a key role in ensuring our clients make the best use of their existing technology and make proportionate, risk-informed decisions, ensuring protection of client assets and transformation of their security architecture.
This role forms part of the wider Consultancy team and will work cross functionally with the Delivery Managers and others to support and assure project delivery through all phases of the agile workflow. As a team we’re always looking to raise the bar, learn new things and incorporate new technologies and you will too! You’ll share your knowledge with the team and the wider Cyberfort community, contributing to Group blogs and undertaking research related to technology enhancements.
Responsibilities:
General Responsibilities:
Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework.
Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite.
Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity.
Facilitate workshops with the various Authority departments, to align with wider customer transformational Security and risk management outcomes.
provide accurate and pragmatic remediation/risk management guidance/advice.
Have an understanding of risk assessment in an agile delivery environment
Exceptional team working ethic and interpersonal skills.
Good level of knowledge of the cyber security industry in public and private sector.
Have a good understanding of modern IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, Infrastructure technologies, Zero Trust and demonstrate an understanding of security architecture.
As a team we’re always looking to raise the bar, learn new things and incorporate new technologies and you will too! You’ll share your knowledge with the team, our clients and the wider Cyberfort community, contributing to Group blogs and undertaking research related to technology enhancements.
To be Awesome at the role you will:
Be customer focused and a strong verbal and written communicator.
Possess strong hands-on experience in reviewing project delivery plans relating to security systems; evaluation of network and security technologies; developing requirements for network and cloud security designs as well as hardware & software, able to implement cyber security and risk management frameworks, deliver cyber risk assessment in line with established risk methodologies, providing Security & Information Risk Advice.
Have experience building and implementing secure by design principals within the software development lifecycle (SDLC).
Possess awareness and understanding of HMG and NCSC Security policies, standards and guidance, alongside MOD Joint Service Publications i.e. JSP440 and JSP604
Passionate in cyber security.
Motivated, self-directed and able to work in large and virtual teams.
Our Purpose:
The Cyberfort Group is a community of 150+ passionate people united by one overall mission... to make the world safer, one business at a time. We are the "one-stop shop" for all things cyber and are working to build a centre of excellence for our customers by building an amazing place to work, learn and develop for our people.
We work with a diverse range of clients, including large Governmental departments as well as other public sector organisations and businesses within the private sector. We're growing our business and our team through our continuous investment in developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threat intelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market.
If that sounds like you, we'd like to see......
Your CV
Find your place at the Cyberfort Group - Our vision is to bring together technology, people, expertise, facilities and leaders in Cybersecurity to create capability that is second to none. We aim to create a workplace that leverages the expertise of people from a diverse range of backgrounds that are to be themselves, are celebrated for thinking differently and work together as one team.
We know that a one size fits all approach to our recruitment and selection practices will not allow us to reach some of the incredible people that are out there and it’s common practice for us to make adjustments. When you apply to work for us please let us know if there’s anything we can do to allow you to showcase your skills and talents to the best of your ability.
Required profile
Experience
Industry :
Cybersecurity
Spoken language(s):
Check out the description to know which languages are mandatory.
