£550 - £630 per day
£550 - £630 per day
Role: Cyber Security Consultant
Contract Length: 6 months (possible extensions)
Day rate: £550 - £630
1 or 2 days remote possibility
As a Cyber Security Consultant, you help others within the Digital and Technology team to build secure solutions. You advise technical teams on cyber security decisions. You help them deal with risks effectively. You do this by working with them as they design and implement effective controls and mitigations. This means you get involved and embedded in projects and products early, assist with threat modelling activities, and provide advice about appropriate and pragmatic security. The goal is to enable business outcomes. Your approach ensures that common problems are addressed in reusable ways. You work alongside Cyber Risk Advisors, helping the business understand what risks to manage, how to prioritise investment decisions, and to recognise the importance of different data sets in various business contexts. You deal with incidents, and apply insights from security issues observed in products, systems, services from across government and industry. This knowledge is applied to development and live systems, to help us stay better protected now and in the future. You'll be a recognised specialist in securing digital services. But you'll also have wider knowledge and experience of enterprise technology and line of business applications. This gives you a good understanding of the subtleties of designing, implementing and operating organisational systems securely. The Cyber Security Consultancy team focuses on providing professional and experience-led advice. We emphasise aspects such as identifying and applying recognised good practices, such as those provided by the National Cyber Security Centre. We take account of contextual nuance. The work moves from the older accreditation models, such as the deprecated IS1&2 standards. Instead we enable assurance, valuing good advice and practical application over control lists, advocating meaningful controls over rigid compliance.
The essential skills and experience required are:
● Cloud services & technologies - Experienced in assuring and working with product teams deploying and transitioning digital solutions into public cloud environments in an agile manner.
● Design secure systems - Designs and reviews system architectures through the application of patterns and principles to reduce cyber security problems.
● Threat modelling and analysis - perform structured analysis of proposed or implemented complex systems to identify likely cyber security problems. Propose realistic and pragmatic mitigations that address these problems, and work with the product / project team to implement these effectively into their work.
● Enabling and informing risk based decisions - Works with risk advisors to advise and give feedback. Advise on risk impact.
● Research and innovation - Able to advise on developments on security properties in technology. Able to identify new technologies and design the use of these in the business context.
● Specific technology and security understanding - Has knowledge of system architectures. Able to understand and articulate the impact of vulnerabilities on existing and future designs and complex systems, and is able to articulate a response. Has broad knowledge of a range of systems but may specialise in one.
If this sounds like something you are looking for, please click apply or give Laima a call on 01173320826