Security Consultant / IA Architect
M4/M5/M3 Corridor/Home Based - £40k to £70k basic + generous benefits package
A well-respected and rapidly emergent NCSC Certified Cyber Security Consultancy is seeking an additional Security Consultant / IA Architect at Practitioner or Senior Practitioner level.
The successful applicant will be tasked with challenging and exciting roles across a diverse client base and be responsible for ensuring that the design of business solutions and ICT systems meet their exacting security and compliance standards. You will have the opportunity to engage stakeholders at all levels of seniority to achieve the requirements of the business.
Responsibilities may include:
- Supporting and collaborating with the CISO, Operational IT and IT architect functions
- Provide leadership to integrate new solutions, including internal policy, privacy laws and ISO 27001 and NIST standards and controls
- Establishing a security architecture roadmap, including standards and frameworks that are aligned with the overall strategy of the business
- Assisting HMG departments and agencies to achieve security architecture compliance with HMG, Security Policy Framework, other regulatory requirements along with knowledge of security principles & technologies
- Perform capability and gap analysis on existing architecture designs
- To understand and communicate current and emerging threats and propose cost effective and proportionate controls to address those threats where possible.
Candidates will be expected to be able to demonstrate their experience of hands-on technical security together with some knowledge of products and solutions and may be tasked to design or develop proof of concepts to validate suitability and viability of new security related technologies and solutions from both functional and technical perspectives.
At Practitioner level, we will expect you to have a minimum of 2 years’ experience in information security, with consultancy experience highly desirable. A good all-round knowledge of security technologies is essential, as is a knowledge of the information assurance policies and methods used by UK Government and industry, including the Security Policy Framework, Information Assurance standards, NCSC/CESG good practice guides and architectural patterns, ISO/IEC 27001 and 27002.
At Senior Practitioner level, we will expect you to have a minimum of 5 years’ experience as an information security consultant. You will be comfortable working on complex system architectures, designing proportionate security controls and justifying your recommendations to senior decision makers. We will expect you to have the skills and experience to work unsupervised, often as the only IA expert, and be representative of our company to a client. You will either be certified at Senior Practitioner level under the CESG Certified Professional scheme or be capable of achieving this certification based on your existing knowledge and experience.
At all levels, you will have the opportunity to work with some of the most experienced and respected security consultants in the UK, and with a range of high-profile clients who are often subject to the most serious and persistent cyber threats. Certification under the CESG Certified Professional scheme (at Practitioner level), especially in the SIRA, IA Architect or IA Auditor roles, is highly desirable but not essential. Prior membership of the CESG Listed Advisor Scheme (CLAS) is desirable but not essential.
Applicants who are a UK citizen, with a current or previous security clearance, are desirable.
We look forward to hearing from you.