Lead Cyber Assessor

We are seeking a highly skilled Cyber Essentials Plus Assessor and Penetration Tester to join our team. The successful candidate will be responsible for conducting Cyber Essentials Plus (CE+) assessments, security audits, and penetration testing engagements. You will work closely with clients to assess their security posture, identify vulnerabilities, and provide actionable recommendations to enhance their cyber resilience.

Key Responsibilities:

• Perform Cyber Essentials Plus assessments in accordance with the NCSC and IASME frameworks.
• Conduct internal and external penetration testing, including network, web application, and wireless testing.
• Assess system configurations, endpoint security, and access controls to ensure compliance with Cyber Essentials Plus requirements.
• Produce comprehensive and accurate reports detailing security vulnerabilities and remediation recommendations.
• Provide expert guidance to clients on achieving and maintaining Cyber Essentials and Cyber Essentials Plus certification.
• Collaborate with clients to conduct scoping assessments and understand business risks.
• Assist in the development and delivery of security awareness training and advisory services.
• Stay up to date with the latest security threats, trends, and best practices.
• Work closely with internal teams to enhance service delivery and improve security assessment methodologies.

Key Skills and Qualifications:

• Essential:
• Cyber Essentials Plus Assessor certification – CSTM/CSTL, OSCP, CREST, CISSP, CEH, or similar
• Experience conducting Cyber Essentials Plus assessments.
• Strong knowledge of cybersecurity principles, vulnerabilities, and attack methodologies.
• Experience with penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, or similar.
• Knowledge of network security, web application security, and endpoint security.
• Ability to produce clear, concise, and professional reports.
• Strong communication skills and ability to interact with clients at all levels.
• Desirable:
• Certifications such as OSCP, CREST, CISSP, CEH, or similar.
• Experience with vulnerability scanning tools and SIEM solutions.
• Familiarity with regulatory and compliance frameworks such as ISO 27001, GDPR, or NIST.
• Scripting knowledge (Python, PowerShell, or Bash) for automation of security tasks.

Benefits:

• Competitive salary and performance-based incentives.
• Opportunities for professional development and certification support.
• Flexible working arrangements (Remote).
• Exposure to a variety of industries and cybersecurity challenges.
• A supportive and innovative work environment.

How to Apply:

If you are passionate about cybersecurity and have the skills to help organizations improve their security posture, we would love to hear from you. Please submit your resume and a cover letter detailing your experience and qualifications to :

info@cyberlock.co.uk