Cyber Security Consultant - REMOTE - MUST BE SC CLEARED

Cyber Security Consultant - REMOTE

MUST BE SC CLEARED

We are looking for a Cyber Security Consultant to join our expanding Cyber Security team on a 6 month contract.

The Cyber Security Consultant will provide management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.

Key responsibilities:

• To identify, analyse and evaluate information risks
• To explain to risk owners and other stakeholders the causes, likelihood and potential business impacts of information risks throughout the information system lifecycle
• To assist checking compliance with applicable regulations, standards, policies and guidance on information risk management
• To present risk management options to the business
• To support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business.
• To promote security awareness
• To provide threat guidance
• To provide impartial assessment and reports covering security investigations, information risk management and investment decisions to improve an organisation’s information risk management
• To provide an independent opinion on whether IA control objectives are being met within an organisation
• To identify an organisation’s systemic trends and weaknesses in security
• To recommend responses to audit findings
• To provide subject matter expertise to projects and change initiatives

Skills & experience:

Essential:

• ISO27001 – Implementation and Audit
• Graduate or similar educational level
• ISC2 CISSP
• ISACA CISM or CISA

Desirable:

• Technical background
• Managing IT Health Checks / Pentest engagements
• Vulnerability Assessment
• Experience with PCI DSS standard
• Regulated industry experience (i.e. HMG, Financial Services, Health Care)
• Security Management experience
• Business Continuity Management
• ISO27001 Lead Implementer / Auditor
• ISO22301 Lead Implementer / Auditor
• CESG CCP as a SIRA or IA Auditor (Senior or Lead grade)
• HMG or CNI experience
• Industrial security sector experience (i.e. SCADA, ICS etc.)

Must hold Security Check (SC) vetting.