Cyber Security Adviser in Winchester

We are seeking to hire a Cyber Security Adviser with an IT background to join our growing team. Evalian is a cyber security and data protection consultancy business specialising in penetration testing, security advisory, ISO 27001 certification, managed detection & response and data protection compliance. We work with a broad range of clients, from ambitious start-ups to global organisations and leaders in their field, delivering pragmatic and commercially focused cyber security and data protection services.

The role is ideally suited for someone with at least 3 years of IT experience who wishes to transition into cyber security, and to benefit from relevant training and mentoring and hands-on consulting experience.

You will work with clients to assess and help improve their security posture through activities including Cyber Essentials readiness analysis, assessment and auditing, security assurance activities and technically minded cyber security controls assessments and consultancy.

Working within our Cyber Security team, you will learn to assess, advise, and support clients to improve their security posture and cyber resilience. Specific activities will include (but not be limited to):

• Conducting comprehensive independent cyber security audits for our clients, evaluating the effectiveness of their security controls, policies, procedures and processes against industry and regulatory standards, guidelines, and best practices (e.g., CIS 18, NIST Cybersecurity Framework, ISO27002, NIS D etc).
• Supporting the delivery of threat and risk assessment engagements to help clients identify key threats and actors, key systems, vulnerabilities. Provide practical and prioritised recommendations to mitigate risks.
• Conducting Cyber Essentials gap analysis to assess client’s current cyber security stance and develop tailored remediation programmes to help clients achieve alignment to the control requirements defined in the NCSC’ Cyber Essentials Technical Control domains.
• Auditing organisations against the Cyber Essentials / Cyber Essentials Plus standards (once trained and certified).
• Supporting the wider security team to deliver the following activities as required:
  • Delivery of client vulnerability assessments and phishing / social engineering assessments using various tools.
  • Delivery of Incident Response planning and testing engagements (including tabletop and live play exercises).
  • Delivery of supply chain security risk management services including supplier assessment, risk identification, risk rating and remediation activity.
• Providing general cyber security advice and guidance to clients of various sizes, operating in multiple sectors and regulatory environments.

We will provide on the job support and fund external training for specific qualifications and skills as part of a development plan.

The successful candidate will have at least 3 years (excluding periods of study) in an IT or IT security role and a strong interest in and a desire to focus on cyber security. Your IT experience should be in one or more of:

• IT Support or Engineering
• Network / Infrastructure Support or Engineering
• Cyber Security Support or Engineering

Ideally you will have experience in a client facing role, but this is not essential provided you are comfortable working with third parties and have good communication skills. You will also require excellent writing skills as report drafting is a key part of the job.

You will need to be a self-starter who will fill in gaps in your knowledge through continued professional development; and you will want to attain additional security qualifications, supported by Evalian and be willing to commit some personal time for studying for these.

The salary will depend on your qualifications and experience but will be in the range of £45,000 to £55,000 plus benefits. All employees get 25 days of annual leave, plus bank holidays and Birthday Day Off. Benefits include 5% employer contribution pension scheme, life insurance including employee assistance programme and on completion of probation, private medical insurance including dental and optical cashback.

The role can be office based (Winchester), home based or hybrid. With this in mind, we are happy to hear from candidates in any part of the UK provided you can work effectively from home and are willing to travel to client sites from time to time. If you are home based, you'll need to have a dedicated, secure, working area and reliable internet connection. We may request that you attend our offices or events from time to time for various purposes, but we’ll always provide you with advance notice. Travel expenses will be reimbursed.

We are not working with agencies at this time. Thank you. We are committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination.