Senior Security Consultant - Public Sector

The team you will be working with: Security Consultant - Public Sector Hybrid Variable London. We are currently recruiting a Security Consultant with public sector experience to join our growing client advisory. The Security Consultant will be part of the Public Sector team, and will work across clients in Health, Central Government and Public Safety.

Key aspects of the role are:

• Ensure solutions are designed, delivered and operated securely.
• Contribute to business growth by identifying and shaping opportunities.
• Provide security leadership and guidance throughout the project lifecycle (from design to implementation and handover), and managed services (IT support and maintenance).
• Embed security by design and ensure solutions meet compliance, regulatory and client-specific security requirements.
• Review and assess solution architectures and live systems from a security perspective, to identify and mitigate security risks.
• Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs.
• Be a trusted advisor to senior clients on security topics.
• Conduct risk assessments and assurance reviews to validate that our solutions and services meet the required security standards.
• Ensure compliance with UK Government standards and frameworks.
• Support the development and maintenance of security policies and guidelines for the Public Sector.
• Work with our client partners to provide security expertise for RFI, RFP and tender responses.
• Present security propositions and solutions to our clients, in collaboration with our sales teams.
• Identify opportunities to expand security services with our clients.
• Build relationships with our partners to drive growth.

What experience you will bring:

• Minimum of 5 years’ experience working with Public Sector clients, preferably in the Health, Central Government or Public Safety domains.
• Minimum of 5 years’ security consulting experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role.
• Minimum of 5 years’ experience in a Governance, Risk and Compliance role.
• A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes.
• Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines.
• Experience identifying sales opportunities and supporting Public Sector RFP / RFI / tender responses.
• Good knowledge of networking (switching, routing, firewalls).
• Experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure).
• An understanding of the native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure).
• In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence.
• A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE).
• Experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc.

DESIRABLE SKILLS AND EXPERIENCE:

• CISSP, CISM, CCSP, CRISC or equivalent experience.
• Good knowledge covering several of the following examples (this list is not exhaustive): AD, Cryptography, End User Computing, IAM, PKI, Server hardening, SIEM, SOAR, virtualisation (VMware).
• Participate in pre-sales tasks and perform ongoing support of delivery collateral.
• Familiarity with MITRE ATT&CK.