Connecting Talent to opportunity

Connecting Talent to opportunity

Cyber Security Consultant - DV Cleared.

Expired

Job Description:


Cyber Risk Advisor/Consultant
1. Create business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government)
2. Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government)
3. Undertake cyber security vulnerability analysis to provide a rich picture of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government)
4. Identify mitigations for cyber risk in a given business or operational scenario and threat environment
5. Support development of cyber security risk cases in a given business or operational context.

Key Capabilities/Knowledge

* Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice
* Knowledge of MITRE ATT&CK
* Understands the impact of cyber risk, security accreditation and certification on business or operational outcomes
* Able to articulate regulatory requirements and devise courses of action to meet these appropriate to the business or operational context.
* Able to devise effective and creative risk mitigation strategies that enhance business outcomes
* Understand cyber risk and mitigations put in place and can provide evidence to help refine risk mitigation approaches
* Able to identify, document and articulate security risk and mitigation approaches, against technology solutions and business processes
* Able to engage and communicate effectively with customers
* Able to engage and communicate effectively with stakeholders at all levels
* Good awareness of digital technology (in particular computer and computer network)
* Awareness of how architects and designers employ the technology to build systems of interest
* Demonstrate good judgement in relation to cyber risk and vulnerability assessment
* Able to articulate evidenced and convincing arguments for recommended courses of action
* Government, defence, CNI market understanding
* Able to work independently and seek guidance on own initiative for unusual or complex situations

Experience & Qualifications

Essential
* STEM degree or equivalent and relevant experience in cyber security role
* Digitally literate (including fluency in Microsoft Office tools)
* Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance
Desirable
* Experience applying/work to relevant NIST and ISO27001 frameworks and standards in different sectors and domains including defence, wider UK Government, critical national infrastructure.
* Experience guiding successful security audit preparation and outcomes
* Membership of CIISec or equivalent

  • Job Type

    Contract, Full Time

  • Work Authorisation

    No

  • Industry Sector Other