A UK Government Security Check (SC) clearance is required for this role. If you don’t hold SC clearance, we will support you to apply as long as you have lived and worked in the UK continuously (no longer than 6 months abroad) for the last 5 years.
As a Cyber Security Consultant, you will be a subject matter expert in secure design, risk management and compliance with demonstrable experience in highly regulated industries, specifically UK Government and Defence.
You will build effective working relationships with delivery team members and Cyber Security Specialists' customers and operate with and without supervision as a Security SME across multiple Client projects.
Responsibilities
- Lead client-specific security and assurance of complex, cloud-centric data and digital services across the entire lifecycle (strategy, design, implementation and operations).
- Provide specialist advice and knowledge of UK Government security architecture and assurance to OFFICIAL and above classifications.
- Provide specialist advice and knowledge of Public Cloud (Azure and AWS) cloud-based security architectures.
- Define and lead external security testing (ITHC, Pen Testing, etc) of solutions on the public cloud native platforms and Software as a Service (SaaS) solutions.
- Perform risk assessments of on-premise and public cloud hosted solutions and identify any control gaps and residual risks.
- Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as the NIST Cyber Security Framework.
- Identify and deliver appropriate controls based on industry standards (e.g. NCSC Cloud Security Principles) to drive cloud and customer security solutions framework based on business risk and cloud native threats.
- Continually evaluate new threats in the cloud, to identify the impact on IT and the business to develop and implement security controls.
- Provide direction, analysis and design facilitation to develop, maintain and govern a customer security architecture.
- Ensure that architecture principles, designs, technologies, methods and practices are properly executed.
- Perform Cyber Security Maturity Assessment to known standards such as the NIST Cyber Security Framework.
Key Skills and Experience
- Cloud security concepts, technologies and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures.
- Significant public cloud (AWS and Azure) and hybrid cloud security architecture experience across multiple domains: Cloud, Network, Infrastructure, Application, Data, IAM.
- Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27001, NIST, CIS).
- Working directly with engineering teams and architects to review system/data architectures through the development of patterns and industry best practice.
- Understanding and articulating the impact of vulnerabilities and required controls and mitigations on existing and future designs and systems.
- Demonstrate a solid understanding of security concepts and the ability to apply them at a technical level to guide engineering teams.
- Ability to conduct Risk Assessments and effectively translate and accurately communicate security and risk implications to technical and non-technical stakeholders.
- Manage delivery manager and stakeholder expectations and be flexible, adapting to stakeholder reactions to reach consensus.
Nice to have Skills
- Formal security certifications e.g. CISSP, CISM, AWS Solutions Architect
- Working within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform)
- Good understanding of Data Protection & GDPR
Package
- £40 – £65k per annum dependent on skills and experience
- Up to 10% annual bonus (if targets met)
- Funded InfoSec training and time allocated for self-study
- 40-hour working weeks
- Flexible working policy (within core business hours)
- Hybrid working – Company HQ in Altrincham (South Manchester)
- 25 days holiday excluding bank holidays
- Company Sickness Policy
- Company Pension
- Company Expense Policy
- Private Health Care
- Career development opportunities
- Regular team meals and activities
Get in touch
Find out more
For more information please contact us on 0161 706 0244 or email opportunities@cybersecurityspecialists.co.uk to speak with a member of the team.