Our client, a forward-thinking Cyber Security Consultancy based in London, is currently recruiting for Cyber Security Practitioners to work with their clients to ensure delivery of Information Security and Related Requirements. The person must be familiar with ISO 27001, PCI DSS and HMG/CESG/NCSC Accreditation and Security Standards and Practices. They must be able to work closely with clients to support, develop and maintain IT infrastructure, security architecture and design as well as be able to develop IT Security Strategy and ensure IT Security best practice.
The role will include:
- Develop and maintain security policy documentation
- Conduct security risk and threat assessments for client deliveries
- Produce and maintain security risk documentation with clients
- Self-starter who can act as the lead in delivery against the agreed schedule of works
- Production and maintenance of ISMS, RMADS, lightweight security documentation sets or other security related deliveries as required, including supporting clients through IT Security Testing processes and interpretation of results.
- Support, facilitate and manage accreditation activities
- Promote information security awareness with clients and delivery partners
Qualifications and Education requirements:
- Ideally the candidate will hold a relevant degree or have an appropriate level of work experience in the field of information security required for a senior level consultant and must be at least SC Cleared, as well as all or at least some of the following:
- ISO27001 Lead Auditor or Lead Implementer
- CESG Certified IA Professional (CCP) in one or more roles as Practitioner or Senior
- A.InstISP / M.InstISP
Preferred Skills:
The ideal candidate will have the following skills:
- Be motivated and show a positive can-do attitude
- Good communication skills both written and verbal
- Good business report writing skills
- Show a desire to learn, adopting a flexible and pragmatic approach and be highly motivated with a good track record for delivery
- Have a good knowledge and understanding of information security and standards such as ISO27001, IS1/2, CESG/NCSC GPGs and Guidance etc.
- Have a good understanding of risk management and assessment principles
- Exceptional team working ethic and interpersonal skills
- Have a good understanding of modern-day IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, and Infrastructure technologies, and demonstrate a pragmatic technical understanding of security architecture
- Ability to work with little guidance under own initiative
- Appetite to stay at the forefront of new IT developments and techniques
- Knowledge and application of other standards such as PCI DSS not essential but an advantage
- Good IT networking, infrastructure and security architecture design skills, as well as the ability to develop IT Security Strategy and ensure IT Security best practice
- Already hold or be willing to go through a government security vetting process to SC level.