Cyber Security Consultant


    Location: UK Clients sites - Predominantly along the M4 corridor
    Job Type: Full Time, Permanent
    Industries: UK Public Sector and Defence
    Grade/s: Consultant / Senior Consultant / Principal Consultant
    Salary: Negotiable + Biannual Bonus (Biannual Pay Review)
    Switches to annual pay review at Principal Consultant grade and above.
    Holiday: 25 Days Annual Leave + Public Holidays

Role Profile

You will have the opportunity to undertake a variety of roles throughout the project lifecycle, working across a wide-ranging set of clients and leading edge technologies. This could include providing projects with advice and guidance on Information Assurance topics; contributing to the development of IA strategies, policies, guidance and awareness; planning and managing the delivery of a security work programme; defining security requirements; designing and implementing security architectures; or overseeing the secure development and accreditation of information systems. You will be required to explain information assurance concepts to non-technical stakeholders, and the rationale for the proposed information risk management decisions. The role may involve operating as part of a larger Actica team or working embedded within a customer team.

To complement the information assurance activities, you will be supported by others providing, and may also find yourself providing, high-value strategy, business analysis, technology and procurement consultancy to ensure any solution aligns with the organisation’s business objectives. You will also be expected to provide authoritative advice on security aspects of likely future technology developments and routes to exploit these.

You will have opportunities to lead assignments, to manage small teams and to directly deliver consultancy to ensure the overall success of the engagement. The role involves producing high quality, formal deliverables and reviewing formal deliverables developed by others. It requires significant stakeholder engagement, dealing directly with the client, including in resolving day-day issues involved in assignment delivery and developing follow-on opportunities.

You will typically work on the client’s site co-located with other project members, who may include the client’s own staff, Actica team members and other suppliers. Due to the nature of customer side working, regular travel within the UK should be expected.


Career Development

You will have the opportunity to build a career in consulting, specialising in the application of information assurance and cyber security expertise to a wide range of business problems. We provide substantial training, including online, classroom and in-house course provision, leading to nationally recognised qualifications such as CCP, CISM, CISSP, CREST, ISO27001, SABSA and TOGAF certifications. We provide structured career development pathways to help you gain responsibility and influence.


Responsibilities

Working either individually or as part of a larger Actica team, you will undertake a number of consultancy assignments that could include:

  • Providing security expertise to major system procurements and Agile programmes to ensure secure solution delivery;
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems;
  • Explaining to risk owners and other stakeholders the causes, likelihood and potential business impacts of information risks throughout the information system lifecycle;
  • Identifying and presenting options for treating or transferring information risks;
  • Authoring and/or supporting the development of security assurance documentation in accordance with leading risk management frameworks;
  • Developing or reviewing new security architectures that mitigate the risks posed by new technologies and business practices;
  • Providing consultancy to customers on information assurance and architectural problems;
  • Scoping security testing activities, and explaining the results and required remediation;
  • Conducting security monitoring and investigating security incidents.

Qualifications and Experience

Our position as a client side advisor means that strong influencing and personal skills are essential. The fast moving nature of the ICT environment together with the need to resource multiple, ad-hoc assignments also require you to be intellectually agile, proactive and self-motivated – with the ability to apply a structured approach to often unfamiliar subject matter. It is essential that you have the following qualifications and experience:

  • At least two years’ experience of complex ICT systems in a technical delivery or consulting capacity;
  • A good understanding of enterprise information and communications technology;
  • The ability to present and justify conclusions to project teams and business stakeholders;
  • Proven abilities in delivering to client expectations and requirements;
  • Strong verbal and written communications skills.

The following experience would be beneficial for the role:

  • Structured security frameworks, such as HMG SPF and ISO27001;
  • Technical risk assessments;
  • Software development and delivery;
  • Security, technical and enterprise architecture methods such as TOGAF and SABSA;
  • ICT service delivery, including ITIL;
  • Enterprise security packages, security enforcing software and devices, such as identity management and federation, cryptography, public key infrastructure, firewalls, SIEM, vulnerability scanning, etc.

Preference is given to candidates with, or studying for, a security based masters degree. Alternatively, a STEM based degree (2.1 or above).

Because of the nature of Actica’s business, a wide and varied background is preferable and the demonstrable capability to adapt quickly to new developments is always required.

Candidates must be eligible and willing to gain UK Security Clearance to apply for this position.