At a Glance
- Tasks: Lead cyber security efforts for the Sizewell C project, ensuring robust protection of digital assets.
- Company: Mace, a dynamic construction and consultancy firm focused on unlocking potential.
- Benefits: Inclusive workplace, flexible working options, and opportunities for professional growth.
- Other info: Join a diverse team committed to safety, integrity, and continuous improvement.
- Why this job: Make a real impact in cyber security while working on groundbreaking projects.
- Qualifications: Strong knowledge of cyber security frameworks and excellent communication skills required.
The predicted salary is between 60000 - 80000 € per year.
Mace combines construction expertise with consultancy to unlock potential in every person or project and redefine the boundaries of ambition. Our values shape the way we consult and define the people we want to join us on our journey.
The Sizewell C (SZC) cyber security lead operates within the SZC construction and nuclear security business landscape and is responsible for assuring the deployed Cyber infrastructure as part of the cyber security and information environment and future developments to the environment and appropriate governance. This position will focus on the deployed and planned cyber estate, including end points both owned and non-owned, physical and virtual together with access to them. This includes end user devices such as laptops, mobile devices, virtual servers, printers and room meeting systems. The position will drive development of 2nd line of assurance approach, reporting together with effective mapping to cyber security frameworks and standards in this field. The consequence of non‑compliance, compromise or vulnerability or incompatible controls with long lead time deliveries can amount to many millions of pounds sanctions or later remedial costs, so the foundations set by this team are critical to the business.
You’ll Be Responsible For:
- Provide assurance to the SZC BISO, and ultimately to the SZC Board, on the efficacy of SZC’s cyber configuration and security arrangements, risks and mitigations for devices and their access controls.
- Intelligently replicate cyber security policies, standards, procedures and RESA governance from HPC to SZC with NS, EPRP, EIS and alliances peer review.
- Intelligent customer (IC) responsibility for licensee Cyber Security requirements.
- Define and ensure the delivery of all assurance activities required to demonstrate compliance with all security requirements, including those specified and delivered by NS, EIS and EPRP or other third parties, that protect the confidentiality, integrity and availability of SZC information stored or processed upon devices, physical or virtual.
- Review and acceptance of security designs produced by EPRP and SZC suppliers.
- Set the requirements and own the development and implementation of processes and procedures that deliver secure cyber operations at SZC, including to SaaS providers.
- Ensure that all cyber risks are captured within project risk logs and with the BISO into security risk tools, define and assure delivery of all mitigations.
- Provide briefings to the SZC Security team on risks.
- Utilising up-to-date knowledge of cyber security tools including in M365 to advise and support the project in delivering the best cyber security approach that aligns data privacy, business objectives and ensuring information security safeguards are effective through assurance activities.
- Evaluate the cyber threat and vulnerability landscape, proposed refinement and develop of SZC policies and controls to reduce residual risk and attack surface.
You’ll Need To Have:
- Knowledge of cyber security and assurance of deployed controls.
- Established cyber security credentials.
- Good working knowledge of applicable international standards and information security frameworks (ISO27001, CIS, NIST, GDPR, Cyber Essentials Plus).
- Aware of risk assessment methodologies including ISO27005 and NIST.
- Familiar with cyber security tools such as defender for cloud, defender, purview and Intune.
- Familiarity with process of vulnerability scanning and management together with penetration testing.
- Device deployment, management, patching, conditional access, isolation.
- Assurance of deployed baselines.
- Reporting and dashboards.
- Knowledge of national protective security authority (NPSA) and national cyber security centre (NCSC) guidance and frameworks including cyber essentials.
- Confident in own abilities and be able to deliver in a dynamic environment.
- Proven stakeholder management.
- Excellent presentation and communication skills.
- The post holder must currently hold or be able to achieve national security vetting (NSV) security check (SC).
- A role requiring regular visits to offices, partners, alliances and sites and temporary structures around them.
Our values:
- Safety first - Going home safe and well: We champion a safe, diverse and inclusive working environment, understanding the importance of wellbeing in every team.
- Client focus - Deliver on our promise: We own the quality of deliverables, strategic outcomes and build long term relationships with our clients.
- Integrity - Always do the right thing: We influence positive outcomes within our industry, while always aligning with our compliance obligations.
- Create opportunity - For our people to excel: We champion a continuous improvement culture throughout all activities, inspiring our people and teams to develop.
Mace is an inclusive employer and welcomes interest from a diverse range of candidates. Even if you feel you do not fulfil all the criteria, please apply as you may still be the best candidate for this role or another role within our organisation. We are also open to discussing part time, flexible, and hybrid working options if suitable within the role.
Information Senior Security Specialist (Cyber Security Lead) in Leiston employer: Mace
Mace is an exceptional employer that prioritises safety, integrity, and client focus while fostering a culture of continuous improvement and inclusivity. As a Senior Security Specialist in the dynamic environment of the Sizewell C project, you will have the opportunity to work at the forefront of cyber security within the construction and nuclear sectors, ensuring the highest standards of information security. With a commitment to employee growth and flexible working options, Mace empowers its team members to excel and make a meaningful impact.
StudySmarter Expert Advice🤫
We think this is how you could land Information Senior Security Specialist (Cyber Security Lead) in Leiston
✨Tip Number 1
Network like a pro! Reach out to people in the cyber security field, especially those connected to Mace. Attend industry events or webinars, and don’t be shy about sliding into DMs on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of cyber security frameworks like ISO27001 and NIST. Be ready to discuss how you’ve tackled challenges in previous roles. We want to see your problem-solving skills in action!
✨Tip Number 3
Showcase your expertise with practical examples. When discussing your experience, highlight specific projects where you’ve implemented security measures or improved processes. This will help us see how you can add value to our team.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in joining Mace and being part of our mission to redefine ambition in the construction and consultancy space.
We think you need these skills to ace Information Senior Security Specialist (Cyber Security Lead) in Leiston
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience in cyber security and assurance. Use keywords from the job description to show that you understand what Mace is looking for.
Showcase Your Skills:Don’t just list your qualifications; demonstrate how your skills align with the role. Talk about your knowledge of frameworks like ISO27001 and your experience with tools like Defender for Cloud. We want to see how you can contribute!
Be Clear and Concise:Keep your application straightforward and to the point. Use bullet points where possible to make it easy for us to read. Remember, clarity is key when discussing complex topics like cyber security.
Apply Through Our Website:We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Mace
✨Know Your Cyber Security Frameworks
Make sure you brush up on your knowledge of international standards and frameworks like ISO27001, NIST, and Cyber Essentials. Being able to discuss how these apply to the role will show that you're not just familiar with the theory but can also implement it in practice.
✨Demonstrate Stakeholder Management Skills
Prepare examples of how you've successfully managed stakeholders in previous roles. This could involve discussing how you communicated complex cyber security concepts to non-technical audiences or how you navigated differing priorities among team members.
✨Showcase Your Technical Know-How
Be ready to talk about specific tools and technologies you've used, such as Microsoft Defender for Cloud or Intune. Highlight any experience you have with vulnerability scanning and management, as well as your approach to device deployment and patching.
✨Emphasise Your Problem-Solving Abilities
Think of scenarios where you've had to evaluate cyber threats or vulnerabilities and how you developed policies or controls to mitigate them. Sharing these experiences will demonstrate your proactive approach to cyber security and your ability to think critically under pressure.
