Cyber Security Consultant - Manchester (ID: 9eCJZIGn)

Cyber Security Consultant based in Manchester, we are an independent Cyber Security Consultancy providing Security Consultancy and Managed Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses that want to develop strong security strategies.

We are growing and looking to recruit a Cyber Security Consultant, ideally with experience of supporting clients in the Public sector. We’re looking for an enthusiastic and driven individual to join our team. Client satisfaction is paramount to us and therefore strong customer facing skills are a must.

We are a small Consultancy with big plans for growth, offering a clear career path and family based approach to our team, Partners and Clients.

The Role:

As a Cyber Security Consultant, you will be a subject matter expert in secure design, risk management and compliance with demonstratable experience in regulated industries, specifically UK Government, Health and/or Defence.

You will build effective working relationships with delivery team members and Cyber Security Specialists customers and operate with and without supervision as a Security SME across multiple Client projects.

SC clearance is required for this role. If you don’t hold SC clearance, we will support you to apply as long as you have lived and worked in the UK continuously (no longer than 6 months abroad) for the last 5 years.

Responsibilities:

• Lead client specific security and assurance of cloud hosted digital services across the entire project lifecycle (strategy, design, implementation and BAU)
• Provide specialist advice and knowledge of UK Government security architecture and assurance to OFFICIAL classifications.
• Provide specialist advice and knowledge of Public Cloud (Azure and AWS) security architectures aligning with the NCSC Cloud Security Principles.
• Define scopes for external security testing (ITHC, Pen Testing, etc) of solutions on public cloud native platforms and Software as a Service (SaaS) solutions.
• Perform risk assessments of on-premise and public cloud hosted solutions and identify any control gaps and residual risks using known frameworks such as the CIS Top 18 and the NIST Cyber Security Framework.
• Support Clients in the identification and remediation of vulnerabilities and threats using industry leading Tools.
• Ensure that security architecture principles, designs, patterns and security controls are implemented by Client engineering teams.
• Perform Cyber Security Maturity Assessment to known standards such as the NIST Cyber Security Framework.

Key Skills and Experience:

• Cloud security concepts, technologies and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures.
• Significant public cloud (AWS and Azure) and hybrid cloud security architecture experience across multiple domains: Cloud, Network, Infrastructure, Application, Data, IAM.
• Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27001, NIST, CIS).
• Working directly with engineering teams and architects to review system/data architectures through the development of patterns and industry best practice.
• Understanding and articulating the impact of vulnerabilities and required controls and mitigations on existing and future designs and systems.
• Ability to conduct Risk Assessments and effectively translate and accurately communicate security and risk implications to technical and non-technical stakeholders.
• Manage and support Project stakeholder expectations and be flexible, agile and pragmatic.

Nice to have Skills:

• Formal security certifications e.g. CISSP, CISM, AWS Solutions Architect
• Working within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform)
• Good understanding of Data Protection & GDPR

Package:

• £40 - £65k per annum dependant on skills and experience
• Up to 10% annual bonus (if targets met)
• Funded InfoSec training and time allocated for self-study
• 40 hour working weeks
• Flexible working policy
• Hybrid working – 2 days Manchester Office/3 days WFH
• 25 days holiday plus bank holidays
• Company Pension
• Company Expense Policy
• Private Health Care
• Career development opportunities
• Regular team meals and activities

Job Type: Full-time

Pay: £40,000.00-£65,000.00 per year

Additional Pay:

• Performance Bonus
• Yearly Bonus

Benefits:

• Casual Dress
• Company Events
• Company Pension
• Free On-site Parking
• Private medical Insurance
• Sick Pay
• Transport Links

Schedule:

• Monday to Friday

Application question(s):

Do you currently hold UK SC clearance?
Have you ever provided cyber security consultancy within the UK Public Sector, NHS or Defence industry?
Have you had experience of securing solutions hosted in AWS?
Are you able to commute to our Manchester Office (Altrincham) for 2 days a week?

Experience:

Information Security: 2 years (required)
Work Location: In person

PLEASE NOTE - No sponsorship is available for this role.