Job Description
Job description
An exciting opportunity has arisen for an experienced Senior Governance, Risk & Compliance Consultant to join a fantastic, hard working team on the West Sussex Coast.
As a consultant, you’ll be delivering various consultancy services to our customers, including ISO 27001 gap analysis & consultancy, cyber risk assessments, security posture reviews, vCISO services and Cyber Essentials assessments.
This is an exciting opportunity to be truly valued as a consultant, as you help shape the way we do things and provide excellent consultancy services to our customers and partners.
The role will be predominantly home-based but there may customer visits every once in a while. It would also be great to see you in our south coast office every so often.
The role will include delivering the following services to our customers and wider partner network:
1. ISO 27001 Implementation and Auditing
2. Security Posture Reviews
3. Policy Authoring & Review
4. Threat Analysis Risk Assessments
5. CIS hardening review of cloud services, such as Microsoft Azure, Amazon AWS & Microsoft 365
6. vCISO & DPO services
7. GDPR Gap Analysis & Consultancy
8. Security Awareness Training
9. Cyber Essentials Assessments
10. Adhoc Cybersecurity Consultancy
You will also be responsible for working with our internal team to ensure that Team remains compliant with our own ISO 27001 certification. This will involve carrying out our own internal audits and ensuring that our ISO management system is running smoothly.
Successful candidates for this role will have the following :
11. Relevant and current industry-recognised certification (such as CISSP, CISM or ISO27001 Lead Auditor / Implementer)
12. At least 5 years experience in a customer-facing GRC consultancy role
13. Excellent written English skills
14. Able to communicate with customers and stakeholders on all levels – from developers and systems administrators through to less-technical senior board members
15. Able to work well on your own but also as part of the wider consultancy team on larger engagements
16. Must currently hold or be able to obtain UK Government SC clearance
17. Ability to manage multiple jobs for multiple customers concurrently
18. Highly motivated team player with a “can do” attitude
19. Good understanding of Amazon AWS, Microsoft Azure and Microsoft 365
20. An understanding of common security threats, vulnerabilities and common technical security controls and concepts
Experience in any of the following areas is also highly beneficial to be selected for this role:
21. Operational Technology (OT) / SCADA environments
22. NHS Data Security and Protection Toolkit (DSPT)
23. GDPR
24. NIST 800-53 controls
25. CIS hardening guides and controls
26. NIS directive
27. PCI-DSS
28. IEC 62443 standard
29. HSE OG-86 controls
This role does not only come with a competitive salary but a great list of benefits:
30. Lead introduction bonuses
31. Profit share scheme (after the first 12 months of employment)
32. Company pension
33. Holiday entitlement that increases with employment duration
34. Top-spec Dell XPS laptop
35. Regular team building
36. The best locally roasted, micro-lot coffee you’ve ever tasted in any office !
37. Free soft drinks in the office.
38. Canine-friendly office.