LEAD CYBER SECURITY CONSULTANT

Actica is currently accepting applications for a Lead Cyber Security Consultant.

Role Profile

As a Lead Cyber Security Consultant at Actica, you will have the opportunity to lead multiple, small Actica teams in their support to a wide range of high-profile UK public sector and defence organisations. Your help enables our customers to protect their ICT investments, and in doing so you will play a key role in nationally critical projects which make a real difference to people’s everyday lives.

You will be joining an established business practice with multiple in-flight projects and a continued demand for our services. This role will be responsible for the outputs of several small Actica teams, engaging senior customer stakeholders, supporting Actica personnel in the execution of their roles, supporting the mentoring and development of staff, as well as growing the business through engaging with our established customer base and seeking new opportunities.

Our projects require the skills and experience to: provide advice and guidance on Information Assurance topics; develop IA strategies, policies, guidance and awareness; plan and manage the delivery of a security work programme; define security requirements; design and implement security architectures; and overseeing the secure development and accreditation of information systems.

This role requires direct experience of security engineering and the ability to lead assignments and be responsible for supervising direct reports whilst ensuring the overall success of the engagement.

You will be involved in the production of high quality, formal deliverables and will review formal deliverables developed by others. Our position as both client-side advisor and at times working with industry delivery teams means that your role will involve significant stakeholder engagement, dealing directly with the client, including in resolving day-day issues involved in assignment delivery and developing follow-on opportunities, so excellent interpersonal and influencing skills are essential.

You will typically work on client sites, co-located with other project members, including client staff, Actica colleagues and other suppliers.

Due to the nature of client side working, regular travel within the UK should be expected. The base office is in Guildford, but it is likely that you will spend the majority of your time working with clients at their sites.

Career Development

You will work directly to one of our Directors, helping them deliver and grow an established security practice. You will have evidence of a strong background in security and information assurance, but will also have the opportunity to develop further specialisms and refine broader consulting skills.

A career mentor will be on hand to provide support and guidance throughout your journey with Actica. You will also work with a performance and development manager who will conduct an annual review to focus on career objectives and identify relevant training and development opportunities.

We provide substantial training, including online, classroom and in-house courses, leading to nationally recognised certifications, such as CCP, PCiIAA, CISMP, CISSP, CREST, ISO27001, SABSA, and TOGAF. We provide structured career development pathways to help you gain responsibility and influence.

Responsibilities

Leading one or more Actica teams, you will undertake a number of varying consultancy assignments. Due to the potential variety in assignments your responsibilities will range from developing security architectures, to providing guidance on GRC activities. Other responsibilities will include:

• • • Providing security expertise for major system procurements and Agile programmes to ensure secure solution delivery;
    • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems;
    • Explaining to risk owners and other stakeholders the causes, likelihood and potential business impacts of information risks throughout the information system lifecycle;
    • Identifying and presenting options for treating or transferring information risks;
    • Authoring and/or supporting the development of security assurance documentation in accordance with risk management frameworks;
    • Developing or reviewing new security architectures that mitigate the risks posed by new technologies and business practices;
    • Providing consultancy to customers on information assurance and architectural problems;
    • Scoping security testing activities, and explaining the results and required remediation;
    • Conducting security monitoring and investigating security incidents.

As part of the management team for the security practice your responsibilities will also include:

• • • Managing the delivery of security services by Actica teams across several live projects;
    • Working with our client-side customers to manage contract delivery;
    • Working with our industry-side customers to position for and develop compelling, winning proposals and ultimately deliver projects into UK Defence;
    • Coach, mentor and help develop junior Actica staff;
    • Be responsible to an Actica Director for contract delivery and business area growth.

Qualifications and Experience

It is essential that you have the following experience:

• • • Experience of complex ICT systems security in a technical delivery or consulting capacity within the UK Defence sector;
    • A good understanding of enterprise information and communications technology;
    • The ability to present and justify conclusions to project teams and business stakeholders;
    • Proven abilities in delivering to client expectations and requirements; and
    • Strong verbal and written communications skills.

Knowledge of the following would be beneficial for the role:

• • • Structured security frameworks, such as HMG SPF and ISO27001;
    • Security, technical and enterprise architecture methods such as TOGAF and SABSA;
    • Technical risk assessments;
    • Software development and delivery;
    • ICT service delivery, including ITIL;
    • Enterprise security packages, security enforcing software and devices, such as identity management and federation, cryptography, public key infrastructure, firewalls, SIEM, vulnerability scanning, etc.

Preference is given to candidates with, or studying for, a security-based master’s degree.  Alternatively, a STEM based degree.

The nature of the Actica’s business means that a wide and varied background is preferable and the capability to adapt quickly to change is always required.

You may not feel that your skills precisely match the requirements of this job specification; however, we encourage you to apply if this is a role that appeals to you.  We require individuals with a broad skillset, so there may be other aspects of your experience which are equally important to us, but that are perhaps not listed in the role specification above.

Actica aims to nurture a diverse workforce through inclusive working practices, promoting equality in our recruitment activities, and by employing candidates on the basis of merit.  Discrimination against individuals on the grounds of protected characteristics is not permitted and we take steps to ensure that our staff are made aware of their legal responsibilities when making hiring decisions.

We are keen to improve diversity within our organisation and the industries in which we work, and hope to employ individuals who share that view.

Candidates must be eligible and willing to gain UK Security Clearance to apply for this position.

We are recruiting in order to facilitate continued growth of the business and as a result other positions are available across Consultant, Senior Consultant, and Principal Consultant grades.  The advertised role is for employment on a permanent basis.

To apply, please follow this link, alternatively, follow the instructions on the apply to us page.