GRC Consultant - Secure by Design Assessor
Permanent opportunity offering circa £70,000
Onsite 3 days a week in Helensburgh, with 2 days remote.
SC or DV clearance required.
Exciting opportunity working for a leading organization in the field of cybersecurity, dedicated to safeguarding digital assets and infrastructure within the Government sector. Due to significant success, the company is rapidly expanding and seeking a new Consultant to lead client engagement in Helensburgh.
ABOUT THE ROLE
You will work closely with the Technical Design Authority as a Security expert, assisting in enhancing their cyber risk management capabilities through strategic transformation initiatives. You will champion the Secure by Design approach by embedding it into the security considerations of all aspects of the programme’s operational and non-operational systems.
You will lead on the assessment, design and implementation of security measures to protect software, systems, and data from potential threats while assuring alignment with Secure by Design principles.
WHAT WILL YOU DO?
•Secure by Design principles emphasise integrating security measures into the design and development of systems and processes from the outset.
•Conducting security assessments and audits
•Developing and implementing security strategies and policies
•Identifying and mitigating potential vulnerabilities
•Ensuring compliance with industry standards and regulations
•Collaborating with other teams to integrate security into the development process
WHAT EXPERIENCE WILL YOU NEED TO BE SUCCESSFUL?
•Ideally, you will have practical SbD experience with an understanding of defence industry security requirements.
•Solid understanding of cybersecurity principles, threat modelling, risk assessment, and secure coding practices.
•Assessment and Auditing Skills – assessing risks associated with software design and implementation, identifying potential vulnerabilities and suggesting mitigations.
•Strong analytical skills with the ability to assess complex cyber risks, develop actionable insights, and articulate recommendations to stakeholders.
•Software Development - familiarity with various programming languages, frameworks, and development methodologies is essential. Skilled in assessing code quality and identifying vulnerabilities.
•Code Review - ability to review code for security flaws, adherence to best practices, and compliance with security standards.
For immediate consideration and more information, apply today.