Cyber Security Advisory Lead - Contract

Posted a month ago

  • London, Greater London
  • Any
  • External
  • Expires In 2 months

  • 6 MONTH CONTRACT WITH HIGH LIKELIHOOD OF EXTENSION
  • REMOTE WITH OCCASIONAL TRAVEL TO LONDON ONCE OR TWICE A MONTH
  • INSIDE IR35
  • GBP600–GBP700 PER DAY
  • ASAP START

Cyber Security Advisory Lead is responsible for providing IT Security guidance and assurance to the business for all IT related projects. They bridge the gap between the business area CIOs and IT Security, performing security control assessments, risk assessments, drafting exceptions, inputting into supplier selection and supporting project stage approval. The role requires someone who has experience of conducting cyber assurance and a wealth of experience on various security projects within IT, working within a fast-moving, agile group.

Principal accountabilities

  • Follow Cyber Security Advisory processes; working with project teams to conduct and document risk and control assessments, utilising industry standard frameworks
  • Socialise risks or gaps identified in the security assessments to project teams and relevant business areas, define remediation plans and track progress of remediation
  • Work with project delivery teams and Cyber Threat and Vulnerability teams to deploy software composition tools and develop vulnerability remediation plans and timeframes
  • Support the Penetration Testing Manager to source and scope penetration tests or IT Health Checks, review results and create risk treatment plans based on findings
  • Apply knowledge of Security best practice whilst reviewing project documentation to match business requirements, employ a consistent engagement approach for all projects/programmes
  • Be an enabler for the business objectives, rather than an obstruction, build lasting relationships with the Project and Programme
  • Act as a Subject Matter Expert delivering security services within the project lifecycle and procurements
  • Work collaboratively with project teams, across portfolios, to understand the business objectives and ensure that security principles & secure architectural patterns are built in by design
  • Provide standard and bespoke security design advice to projects across infrastructure, operating systems and applications
  • Review existing and proposed architectures, identify security design gaps, work with developers and provide guidance on secure coding and industry best practice (OWASP)

ONE OR MORE OF THE FOLLOWING CERTIFICATES IS PREFERRED

  • Degree in computer science, information systems, cyber security, or related field
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP) / other Cloud Security certification

SKILLS

  • Prior experience in information security is essential
  • Prior work experience in delivery, managing and quality assuring information security solutions
  • Experience in managing complex stakeholder relationships
  • Excellent self-motivation, communication and influencing skills
  • Proven experience in working in a team of professional staff immersed in a large complex organisation
  • Interpersonal and influencing skills, together with a personal credibility, which gains the trust and respect of the wider security community, as well as with people within the Post Office
  • The ability to assimilate a wide range of information, make practical judgments and take appropriate decisions based on that data
  • Ability to share knowledge with colleagues to the overall benefit of the department
  • Ability to cope with pressure, maintaining performance when under stress, and managing time effectively through the application of organisation and planning skills

SOFT SKILLS

  • Demonstrates Post Office values and champions customer-centric thinking
  • Lead high-performance teams, proven ability to coach and mentor
  • High level of initiative, dependability and ability to work with little supervision while being resilient to change
  • Growth mind-set that drives learning, motivation, and achievement
  • Experience with senior stakeholder engagement and relationship building
  • Excellent communication skills, with the ability to effectively simplify complex ideas for colleagues and business stakeholders at all levels ranging from board members to technical specialists
  • Experience with delivering real solutions, demonstrating leadership, and influencing across shaping, design and supporting activities
  • Ability to pragmatically balance the need for high levels of security with the demands of delivery at pace
  • Excellent collaborator within internal business units, delivery teams and across project teams / external partners/vendors

TECHNICAL SKILLS

  • 5+ years of experience in cyber security, with at least 2 years in large enterprises
  • Experience in using industry recognised security standards, frameworks and regulatory requirements such as NIST CSF / RMF / 800-53, IRAM2, CSA CSM / STAR, PCI DSS, NCSC CAF, ISO
  • Proven track record of managing cybersecurity risks and designing risk mitigation strategies