A fantastic opportunity to join a highly skilled Security Consultancy Team. We are a fast-growing SME offering a varied day-to-day workload, long-term careers through multiple progression paths, and a culture that promotes a social working environment and work-life balance.
We are seeking a highly capable Security Consultant to join the company's primary Cyber Security Practice. The successful candidate will be a member of the Chartered Institute of Information Security (CIISec) and should hold an industry-recognised cyber security certification commensurate with their experience (such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)).
The ideal candidate will have worked across the system lifecycle, undertaking security risk management activities, and have experience of defining and implementing risk management strategies and plans. They will also have experience of leading security risk management events and workshops, and specification and coordination of security verification, validation, and assurance testing.
The ideal candidate will also have knowledge and understanding of core cyber security risk management areas, including security governance and risk management approaches, threat modelling, attack classification and characterisation frameworks, computer and network security architectures, and national and international security standards.
1. Coordination and leadership of risk management and assurance workstreams for projects delivering secure systems and services within a government context.
2. Undertaking and producing socio-technical security risk assessments, ideally including technical threat modelling.
3. Development and implementation of risk management strategies and plans.
4. Specification, development and technical assurance of security policies and procedures.
5. Specification and definition of system security and control requirements.
6. Leadership of security risk management events and workshops.
7. Specification and coordination of security verification, validation, and assurance testing.
8. Specification, development and technical assurance of security risk management and assurance artefacts and evidence.
9. Development of proposals and tender submission artefacts.
We are recruiting at all levels of the business. Essential qualifications include Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or another industry-recognised cyber security certification. Desirable qualifications include Full Membership of the Chartered Institute of Information Security (CIISec) and Chartered or Principal status via the UK Cyber Security Council within a relevant specialism.