At a Glance
- Tasks: Lead cybersecurity risk assessments and implement secure design solutions in public sector environments.
- Company: Dynamic tech firm focused on innovative security solutions and collaboration.
- Benefits: Competitive salary, hybrid working, and continuous professional development opportunities.
- Other info: Join a diverse and inclusive community with excellent career growth potential.
- Why this job: Make a real impact in cybersecurity while working with expert teams and cutting-edge technologies.
- Qualifications: Experience in cybersecurity and strong knowledge of security frameworks required.
The predicted salary is between £60,000 and £80,000 per year.
A high number of candidates may make applications for this position, so make sure to send your CV and application through as soon as possible.
Location: Cambridgeshire / London, Hybrid - c. 3 days minimum on-site presence required
Contract Type: Permanent & Full-time
Salary: Competitive + Benefits
About the Role
As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You'll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning.
Key Responsibilities
- Deliver Secure by Design risk and security assurance functions within MOD/Public Sector.
- Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management.
- Facilitate security and risk workshops with Authority departments.
- Produce clear reporting on vulnerabilities, risks, controls, and treatment activities.
- Provide pragmatic remediation and risk management guidance.
- Support secure design across technology platforms including cloud infrastructures.
- Contribute to blogs and research within the business community.
Experience Required
The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD, and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Active DV clearance required.
Strong working knowledge of:
- Security Assurance Coordinator or Delivery Team Security Lead roles
- JSP440, JSP604/453 & JSP490
- Working with system secure design
- MOD/GDS Secure by Design Principles
- Supplier Chain Assurance and Risks.
- Security related legislation (e.g. GDPR, PCI DSS, ICO requirements).
- Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8.
- HMG, NPSA and NCSC security policies, standards and guidance.
Experience of building and implementing Secure by Design principles within the software development lifecycle (SDLC), and of threat modelling, kill chain and attack tree analysis.
Working understanding of:
- Cloud security including Azure, Amazon Web Services, Key Management Systems, Containerisation, Network Security Groups, host-based firewalls, Web Application Firewalls
- Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS/IPS, DMZs
- AI use cases, secure configuration (ISO42001 knowledge preferable), ITHC scoping and remediation action plans.
- HLD and LLD reviews and analysis.
- Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS/Azure) and endpoint security.
Proficient in Public Key Infrastructure, Data at Rest/in Transit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls. Thrives on tackling challenges with creative solutions and challenging the norm.
What's in it for You
- Hybrid Working: c. 3 days onsite per week.
- Career Development: Continuous learning and professional growth.
Interested? Submit your application to learn more about this exciting opportunity.
Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives.
Cyber GRC Consultant (DV Cleared) in Swindon employer: Sanderson Government and Defence
As a Cyber GRC Consultant with us, you'll be part of a dynamic and inclusive team that values continuous learning and professional growth. Our hybrid working model allows for flexibility while ensuring you collaborate closely with expert peers in a supportive environment, all while contributing to meaningful projects within the MOD and Public Sector. With competitive salaries and a commitment to employee development, we offer an exceptional workplace where your skills can thrive.
Contact Details:
Sanderson Government and Defence Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Cyber GRC Consultant (DV Cleared) in Swindon
✨Tip Number 1
Get your networking game on! Connect with professionals in the Cyber Security field on LinkedIn and join relevant groups. Engaging in discussions can help you get noticed and might even lead to job referrals.
✨Tip Number 2
Prepare for interviews like a pro! Research common interview questions for Cyber GRC roles and practise your responses. You should also be ready to discuss your past experiences and how they align with the job requirements.
✨Tip Number 3
Showcase your expertise! Create a portfolio or blog where you can share insights on Cyber Security topics. This not only demonstrates your knowledge but also helps you stand out from the crowd.
✨Tip Number 4
Apply through our website! It's the quickest way to get your application in front of the right people. Plus, it shows that you're genuinely interested in the role and the company.
Some tips for your application 🫡
Get Your CV Spot On: Make sure your CV is tailored to the Cyber GRC Consultant role. Highlight your experience in cybersecurity, risk management frameworks, and any relevant qualifications like CIISEC membership. We want to see how you fit into our world!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your skills align with our needs. Keep it concise but impactful – we love a good story!
Showcase Your Experience: When filling out your application, be specific about your past roles and achievements. Mention any projects where you implemented secure by design principles or led risk workshops. We're looking for real-world examples that demonstrate your expertise.
Apply Through Our Website: Don't forget to submit your application through our website! It's the best way to ensure it gets to the right people quickly. Plus, it shows us you're keen and ready to join our team!
How to prepare for a job interview at Sanderson Government and Defence
✨Know Your Cyber Security Stuff
Make sure you brush up on your knowledge of security frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in MOD or Public Sector environments.
✨Showcase Your Risk Management Skills
Prepare examples of how you've led risk management frameworks or facilitated security workshops. Highlight your experience with JSP440 and other relevant legislation to demonstrate your expertise.
✨Be Ready for Technical Questions
Expect questions about cloud security, threat modelling, and secure design principles. Practise explaining complex concepts in simple terms, as you'll need to communicate effectively with multi-disciplinary teams.
✨Cultural Fit Matters
Research the company's values and culture. Be prepared to discuss how you can contribute to their knowledge-sharing environment and your enthusiasm for continuous learning and professional growth.