Prinicpal Cyber Security Consultant – Hybrid

Role Profile

As a Principal Cyber Security Consultant, you will have the opportunity to lead multiple, small teams in their support to a wide range of high-profile UK public sector and defence organisations. Your help enables our customers to protect their ICT investments, and in doing so you will play a key role in nationally critical projects which make a real difference to people’s everyday lives.

You will be joining an established business practice with multiple in-flight projects and a continued demand for our services. This role will be responsible for the outputs of several small teams, engaging senior customer stakeholders, supporting company personnel in the execution of their roles, supporting the mentoring and development of staff as well as growing the business through engaging with our established customer base and seeking new opportunities.

Our projects require the skills and experience to: provide advice and guidance on Information Assurance topics; develop IA strategies, policies, guidance and awareness; plan and manage the delivery of a security work programme; define security requirements; design and implement security architectures; and overseeing the secure development and accreditation of information systems.

Our position as both client-side advisor and at times working with industry delivery teams means that your role will involve significant stakeholder engagement, dealing directly with the client, including in resolving day-day issues involved in assignment delivery and developing follow-on opportunities, so excellent interpersonal and influencing skills are essential.

Career Development

You will work directly with one of our Directors, helping them deliver and grow an established security practice. You will have evidence of a strong background in security and information assurance, but will also have the opportunity to develop further specialisms and refine broader consulting skills.

A career mentor will be on hand to provide support and guidance throughout your journey with us. You will also work with a performance and development manager who will conduct an annual review to focus on career objectives and identify relevant training and development opportunities.

We provide substantial training, including online, classroom and in-house courses, leading to nationally recognised certifications, such as CCP, PCiIAA, CISMP, CISSP, CREST, ISO27001, SABSA, and TOGAF.

Responsibilities

Leading one or more of our teams, you will undertake a number of varying consultancy assignments. Due to the potential variety in assignments your responsibilities will range from developing security architectures, to providing guidance on GRC activities. Other responsibilities will include:

  • Providing security expertise for major system procurements and Agile programmes to ensure secure delivery;
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems;
  • Explaining to risk owners the causes, likelihood and potential business impacts of information risks; * Identifying and presenting options for treating or transferring information risks;
  • Authoring and/or supporting the development of security assurance documentation;
  • Developing or reviewing new security architectures;
  • Scoping security testing activities, and explaining the results and required remediation.

As part of the management team for the security practice your responsibilities will also include:

  • Managing the delivery of security services by teams across several live projects;
  • Working with our client-side customers to manage contract delivery;
  • Working with our industry-side customers to develop compelling, winning proposals and ultimately deliver projects into UK Defence or Public Sector;
  • Coach, mentor and help develop junior staff.

Qualifications and Experience:

The following attributes and areas of experience will make you particularly suited to this role

  • Experience of complex ICT systems security in a technical delivery or consulting capacity in the UK Defence sector or Public Sector;
  • The ability to present and justify conclusions to project teams and business stakeholders;
  • Proven abilities in delivering to client expectations and requirements; and
  • Strong verbal and written communications skills.

Knowledge of the following is highly desirable for the role:

  • Structured security frameworks, such as HMG SPF and ISO27001;
  • Security, technical and enterprise architecture methods such as TOGAF and SABSA;
  • Technical risk assessments;
  • Software development methods and techniques e.g. Agile methods such as SCRUM;
  • Enterprise security packages, security enforcing software and devices, such as identity management and federation, cryptography, public key infrastructure, firewalls, SIEM, vulnerability scanning, etc.

The nature of Actica’s business means that a wide and varied background is preferable and the capability to adapt quickly to change is always required.

You may not feel that your skills precisely match the requirements of this job specification; however, we encourage you to apply if this is a role that appeals to you. We require individuals with a broad skillset, so there may be other

aspects of your experience which are equally important to us, but that are perhaps not listed in the role specification above. We aim to nurture a diverse workforce through inclusive working practices, promoting equality in our recruitment activities, and by employing candidates on the basis of merit. Discrimination against individuals on the grounds of protected characteristics is not permitted and we take steps to ensure that our staff are made aware of their legal responsibilities when making hiring decisions.

We are keen to improve diversity within our organisation and the industries in which we work, and hope to employ individuals who share that view.

While Guildford is our home base, consultants typically spend their time working remotely. For most clients, consultants spend 2-3 days working remotely and 2-3 days co-located with colleagues at a client’s site or our office in Guildford. For some projects, there will a requirement to work up to 5 days a week co-located with colleagues. All work is team based, with a high level of engagement with other client team members. Consultants are encouraged to get involved in internal activities and to attend company team events whenever possible.

Candidates must be eligible and willing to gain UK Security Clearance to apply for this position.

We offer

  • A discretionary bonus, paid twice a year;
  • 25 days annual Leave plus bank holidays;
  • Yearly performance appraisal/pay review;
  • Investment in training relevant to an individual’s development and our business needs

About Us

We are a growing Technology Consultancy that works on some of the most nationally critical technology projects. We specialise in delivering complex projects to limited timescales. Our customers include a wide range of public sector organisations; such as, the Home Office, the Ministry of Defence, HM Treasury, the Ministry of Justice, Police Forces, Fire Services and the NHS; as well as a range of national and international companies across the private sector.

We are recruiting in order to facilitate continued growth of the business and as a result other positions are available across Consultant, Senior Consultant, and Principal Consultant grades. The advertised role is for employment on a permanent basis.

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited (“ARM”). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.