Cyber Security Consultant (Permanent)

Cyber Security Consultant Role

About the Role
As a Cyber Security Consultant, you will be responsible for managing information risk for our clients by enforcing measures that protect and defend information systems. You will be working closely with clients to ensure the delivery of expertise in supplier assurance with good technical ability combined with the skills to deliver business risk advice at all levels.
Responsibilities include:
* Ensure that all business areas include proportionate and appropriate security requirements within all procurements
* Ensure security due diligence is conducted on all bid applications as part of the procurement process
* Identify physical, personnel and information security risks and/ or vulnerabilities and report these prior to contract award
* Work with business to provide suppliers with early insight into the mandatory minimum security requirements expected of them during the life of a contract
* Supporting and ensuring consistency in the approach for the delivery of Supplier Security Assurance across Commercial Directorate
* Conduct on-going assurance activities post contract award to ensure supplier maintain compliance with minimum security requirements
* Conduct on site supplier security assessments
* Ensure consistent and accurate reporting of Supplier Security findings
* Work closely with security and other stakeholders, to ensure threats, vulnerabilities, and opportunities with the potential to impact or improve resilience of IT Infrastructure are identified, and/ or reported appropriately.
Essential Skills & Experience:
* A clear understanding of Information Security and Risk Management
* Understanding of and/or experience of working with security audit techniques
* Understanding of and/or experience of working with Legal and Commercial teams to deliver security outcomes
* Have proven leadership experience and the ability to engage and communicate easily and confidently with people at all levels
* Understand and interpret security information quickly; provide advice and guidance on requirements to stakeholders at all levels.
Desirable Skills & Experience:
* Knowledge of NIST, ISO27001 and use of the NCSC guidance (standards, GPGs, etc.)
* Demonstrate knowledge of applying Computer Misuse Act, DPA 98 and now GDPR 2018,
* Knowledge of Freedom of Information Act 2000 and RIPA 2000 in the cyber security field
* Working with suppliers and assuring security in their equipment deliveries
* Working on a HMG multi-national equipment delivery programme. Desirable Qualifications

* ISO 27001 Lead Auditor * CISSP or CISM * CISMP * CISM * CRISC certification * CCP SIRA.
Candidates must be:
* Ideally have an SC clearance - if not, willing to undergo government security clearance process
* Eligible to work in the UK and have the appropriate right to work documents
* Be aligned to the Skills Framework for the Information Age (SFIA) Levels 4 and 5
* Have qualifications are to be appropriate to the SFIA.

If this role sounds like something you would be interested in, please send your CV, ideally in Word format, via this site.

If this role is not quite right for you but you would like to have a conversation about other roles, please search and connect with me, Jason Dineen, on LinkedIn.

We are NonStop, a leading provider of staffing solutions throughout Europe and now also in the US. We're passionate about connecting talent with opportunity and work non-stop to support our clients in hiring the best talent for their teams. Feel free to pop over to our website, NonStop Consulting, for more information, to browse all our roles, or to let us know how we can help you.