Cyber Security Senior Consultant

NCC Group provides Information Assurance consultancy to help companies protect critical systems and information. We do this by defining security strategies, developing policies, conducting security maturity and risk assessments and implementing security solutions. We also provide security staff augmentation to clients so that our consultants may occupy security roles within the client environment in the short, medium or long term.

Our core consulting and implementation services include:

• Strategy & transformation
• On-demand virtual roles
• Data discovery and mapping
• Risk advisory and assurance
• Continuity/Resilience
• Data privacy and GDPR
• ISO 27001 & NIST CSF
• Supplier assurance
• PCI, PA & P2PE
• Incident response planning
• Card production audits
• Cyber security review
• SOC advisory & implementation
• XDR consulting & implementation

Alongside our core services, we have a range of bespoke services to help organisations protect their systems and information:

• Risk Assessments
• Security Architecture Review
• Information Security Awareness and Training Programmes
• Information Security Policy Development
• Security Transformation Programmes

The ideal candidate will have commercial experience within the information and assurance field, gained from delivering a diverse range of security and assurance services ideally into a broad client base. In addition to your technical skills, you will have strong client facing skills and be comfortable dealing with senior client stakeholders.

Summary:

• Liaise with the Resource Management and Pre-Sales team during the sales cycle to assist in quantifying, pricing and assessing resources required for the project delivery.
• Assist with sales proposals, bids and tenders for delivery of consulting and implementation services.
• You will conduct onsite and remote activities to advise, assess, analyse and report in line with the engagement project requirements.
• This will involve meeting client stakeholders, conducting documentation reviews, assessing technical solutions and systems as well as presenting information and advice to senior business partners.
• Translate the technical and non-technical findings from an assessment or exercise into relevant, actionable remediation road maps for customers.
• Responsible for adhering to all internal policy and procedures in relation to security and quality best practice.
• Ability to travel to clients’ sites to perform engagements of varying durations as required.
• You will act as mentor to less experienced consultants and foster knowledge sharing throughout the delivery team.

What we are looking for in you:

• Have strong skills in Sentinel management & optimisation
• Experienced in XDR apps, log source onboarding and cost analysis
• Can demonstrate strong experience and track record in MS Purview information protection & Data Loss Prevention (DLP)
• Experienced in Azure Resource Manager template, Git, KQL, PowerShell
• Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients.
• Able to always deliver projects within time and in budget and to a high level of customer satisfaction – exercising customer care.
• Demonstrate a strong ability to develop a rapport with customers and to engender long lasting trusted relationships
• Have strong business, consultancy and technical skills within the Information Security Industry
• Excellent communication, consulting soft skills and presentation skills.
• Exceptional written communication and reporting skills

• Flexibility in working hours (as per client requirement).
• Ability to travel both nationwide and internationally (where required).
• Willingness to learn new skills and disciplines.

• Experience in two or more of the below:
• Excellent attention to detail and documentation.
• Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS.
• Customer facing experience at senior levels.
• CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage

Outputs:

• Ability to successfully compile accurate reports within defined timescales.
• On-site and remote projects with the objective of delivering consistent high quality consulting engagements including the transfer of knowledge to both NCC Group colleagues and client personnel when appropriate.

Ways of working:

• Focusing on Clients and Customers.
• Working as One NCC.
• Always Learning.
• Being Inclusive and Respectful.
• Delivering Brilliantly.
• Looking Externally.

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks. Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and cover letter and the relevant member of our global talent team will be in touch with you. Alternatively send your details to .

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles. If you do not want us to retain your details, please email . All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage. Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.