Technical Advisory Security Consultant
Posted 2 months ago
- London, Greater London
- Any
- External
- Expires In a month
Technical Advisory Security Consultant page is loaded
Technical Advisory Security Consultant
Apply
locations
UK Remote
time type
Full time
posted on
Posted Yesterday
job requisition id
R7803
Role:
Technical Advisory Security Consultant Location:
Remote Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…
The Opportunity:This is a Technical Advisory Cyber Security consultancy role with specific focus on assisting clients with Security Improvement and Remediation and Transformation programmes. Which may contain the following:Understanding the Security needs and aspirations of a client Delivering Technical Security Improvement and Remediation programs Guiding Design and Implementation of Cyber controlsThe C&I SIR practice works with NCC Group clients to deliver prioritised programs of security improvements: in close collaboration with NCC Group security audit, Incident Response, Penetration and Red Teams. Security Consultants play key roles in these client assignments: as recognised security experts they drive change, as well as advising clients and their service providers on changes they will make. Key to this role is assessing and enhancing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews.As part of a project team, they help to identify priorities, ensure delivery is happening at pace, and validate that improvements are properly implemented. They work with SMEs across NCC Group to ensure the right expertise is delivered for each requirement.This is a role which requires strong technical skills with a need to understand how the enhancement delivered can mitigate a part of the attack life cycle, some situations may require hands-on skills or over the shoulder guidance throughout the implementation of security principles for clients, as well as advising clients and their service providers on changes they will make in collaboration. This role also needs a clear understanding of how the root cause of issues can also be a procedural or governance issue. Programmes also need to be completed with the empathy and understanding of the client requirements to continue BAU operations.Key Accountabilities:Acting as a technical cyber authority for clients. Ensuring that a client Security Posture is materially impacted in a positive manner over the duration of an
engagement.
Assessing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviewsProviding technical input for work plans and project costings. During the lifetime of a project provide technical input to the prioritisation and planning processes.Creating technical content for project documentsCollaborating with project managers on project status, resource allocation and project risk – preferably using Agile approachesWorking closely with NCC Group colleagues, client and third-party technical staff to deliver prioritised improvements at pace, and delivering the workload themselves hands-onReviewing improvements delivered to ensure they deliver the expected risk mitigations.Working with NCC Group colleagues where appropriate to ensure all relevant factors are being considered and appropriate resources are engaged.Championing the SIR practice with colleagues across NCC Group and acting as the key conduit to additional NCC services where these are needed by a client.Minimum Requirements:Clear knowledge of cyber security principles and the understanding of an attack chain lifecycle, though it is not essential to come from a pure play cyber security background. Demonstrate understanding of Cyber security frameworks, i.e. NIST, CIS or Mitre.Ability to consume security reports and to recommend appropriate steps to mitigate concernsWell-rounded knowledge of IT roles and responsibilities which support security. Network engineering and support, Infrastructure engineering, Information security management and IT complianceKnowledge and understanding of modern Windows, Active Directory, Entra ID and Microsoft 365Knowledge of the basics and advantages of Azure, AWS, GCP.Working collaboratively with team membersWriting clear and accurate documentationDesirable Requirements:Recognised expertise and qualification in IT information security management, or IT complianceExperience of working in an agile environmentExperience of a service management based organizationExperience in some of the following, in an enterprise contextWindows, Active Directory, Entra ID (Azure AD) and Microsoft 365Azure, AWS, GCPDevOps, CI/CD, software development and testing, infrastructure as codeNetwork engineering and supportInfrastructure engineering and supportInformation security management, IT complianceBlue team, network defense, protective monitoring engineeringUnderstanding of DevOps, CI/CD, software development and testing, infrastructure as codeA cyber security qualification such as CISSP or CISMExperience of working to recognised industry standards such as PCI-DSS, ISO27001 or ISAE 3402 SOCExperience of working in a consultancyAgile certificationThe following additional attributes would be advantageous:Technical certifications in any of the above technologiesA technical cyber security qualification such as CEHIn-depth knowledge of cyber security frameworks such as MITRE ATT&CK – which have heavy technical elements and the ability to relate those to Key controls in less technically focused frameworks.Experience of working in a consultancyAgile certificationExperience creating solution architectures and designs Behaviours:
Client-Focused:
Prioritizes client needs and expectations, ensuring that all actions and decisions lead to client satisfaction and success. Collaborates as ‘One NCC’:
Works in unison with all departments and teams, fostering a united front and shared objectives across the entire organisation. Adds Value:
Goes beyond the minimum requirements to provide solutions and contributions that enhance the customer’s success and growth. Enables and Empowers:
Provides tools, resources, and support to team members, fostering an environment where they can thrive and excel. Personal Responsibility:
Takes ownership of actions, decisions, and outcomes, acknowledging successes as well as areas for improvement. Communicates Openly and Respectfully:
Shares information transparently while maintainingrespect and consideration for all stakeholders. Open Mindset:
Embraces new ideas, diverse perspectives, and is willing to adapt in response to evolving situations or feedback. Growth and Development:
Actively seeks opportunities for personal and professional growth, championing learning and evolution for oneself and the organisation. Analytical Thinking:
Demonstrates a systematic approach to resolving issues and identifying About NCC Group
The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.
We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.
Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect.
We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, please email
#####.
All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does.
To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.
Similar Jobs (6)
Senior SIEM Engineer
locations
UK Remote
time type
Full time
posted on
Posted 4 Days Ago
Cyber Security Analyst R2
locations
UK Remote
time type
Full time
posted on
Posted 30+ Days Ago
About Us
The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates. We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect. We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.
#J-18808-Ljbffr
Technical Advisory Security Consultant
Apply
locations
UK Remote
time type
Full time
posted on
Posted Yesterday
job requisition id
R7803
Role:
Technical Advisory Security Consultant Location:
Remote Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…
The Opportunity:This is a Technical Advisory Cyber Security consultancy role with specific focus on assisting clients with Security Improvement and Remediation and Transformation programmes. Which may contain the following:Understanding the Security needs and aspirations of a client Delivering Technical Security Improvement and Remediation programs Guiding Design and Implementation of Cyber controlsThe C&I SIR practice works with NCC Group clients to deliver prioritised programs of security improvements: in close collaboration with NCC Group security audit, Incident Response, Penetration and Red Teams. Security Consultants play key roles in these client assignments: as recognised security experts they drive change, as well as advising clients and their service providers on changes they will make. Key to this role is assessing and enhancing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviews.As part of a project team, they help to identify priorities, ensure delivery is happening at pace, and validate that improvements are properly implemented. They work with SMEs across NCC Group to ensure the right expertise is delivered for each requirement.This is a role which requires strong technical skills with a need to understand how the enhancement delivered can mitigate a part of the attack life cycle, some situations may require hands-on skills or over the shoulder guidance throughout the implementation of security principles for clients, as well as advising clients and their service providers on changes they will make in collaboration. This role also needs a clear understanding of how the root cause of issues can also be a procedural or governance issue. Programmes also need to be completed with the empathy and understanding of the client requirements to continue BAU operations.Key Accountabilities:Acting as a technical cyber authority for clients. Ensuring that a client Security Posture is materially impacted in a positive manner over the duration of an
engagement.
Assessing pre-existing risk and security information including incident reports, red team findings, penetration tests and security audits, augmenting those where appropriate with additional security reviewsProviding technical input for work plans and project costings. During the lifetime of a project provide technical input to the prioritisation and planning processes.Creating technical content for project documentsCollaborating with project managers on project status, resource allocation and project risk – preferably using Agile approachesWorking closely with NCC Group colleagues, client and third-party technical staff to deliver prioritised improvements at pace, and delivering the workload themselves hands-onReviewing improvements delivered to ensure they deliver the expected risk mitigations.Working with NCC Group colleagues where appropriate to ensure all relevant factors are being considered and appropriate resources are engaged.Championing the SIR practice with colleagues across NCC Group and acting as the key conduit to additional NCC services where these are needed by a client.Minimum Requirements:Clear knowledge of cyber security principles and the understanding of an attack chain lifecycle, though it is not essential to come from a pure play cyber security background. Demonstrate understanding of Cyber security frameworks, i.e. NIST, CIS or Mitre.Ability to consume security reports and to recommend appropriate steps to mitigate concernsWell-rounded knowledge of IT roles and responsibilities which support security. Network engineering and support, Infrastructure engineering, Information security management and IT complianceKnowledge and understanding of modern Windows, Active Directory, Entra ID and Microsoft 365Knowledge of the basics and advantages of Azure, AWS, GCP.Working collaboratively with team membersWriting clear and accurate documentationDesirable Requirements:Recognised expertise and qualification in IT information security management, or IT complianceExperience of working in an agile environmentExperience of a service management based organizationExperience in some of the following, in an enterprise contextWindows, Active Directory, Entra ID (Azure AD) and Microsoft 365Azure, AWS, GCPDevOps, CI/CD, software development and testing, infrastructure as codeNetwork engineering and supportInfrastructure engineering and supportInformation security management, IT complianceBlue team, network defense, protective monitoring engineeringUnderstanding of DevOps, CI/CD, software development and testing, infrastructure as codeA cyber security qualification such as CISSP or CISMExperience of working to recognised industry standards such as PCI-DSS, ISO27001 or ISAE 3402 SOCExperience of working in a consultancyAgile certificationThe following additional attributes would be advantageous:Technical certifications in any of the above technologiesA technical cyber security qualification such as CEHIn-depth knowledge of cyber security frameworks such as MITRE ATT&CK – which have heavy technical elements and the ability to relate those to Key controls in less technically focused frameworks.Experience of working in a consultancyAgile certificationExperience creating solution architectures and designs Behaviours:
Client-Focused:
Prioritizes client needs and expectations, ensuring that all actions and decisions lead to client satisfaction and success. Collaborates as ‘One NCC’:
Works in unison with all departments and teams, fostering a united front and shared objectives across the entire organisation. Adds Value:
Goes beyond the minimum requirements to provide solutions and contributions that enhance the customer’s success and growth. Enables and Empowers:
Provides tools, resources, and support to team members, fostering an environment where they can thrive and excel. Personal Responsibility:
Takes ownership of actions, decisions, and outcomes, acknowledging successes as well as areas for improvement. Communicates Openly and Respectfully:
Shares information transparently while maintainingrespect and consideration for all stakeholders. Open Mindset:
Embraces new ideas, diverse perspectives, and is willing to adapt in response to evolving situations or feedback. Growth and Development:
Actively seeks opportunities for personal and professional growth, championing learning and evolution for oneself and the organisation. Analytical Thinking:
Demonstrates a systematic approach to resolving issues and identifying About NCC Group
The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.
We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.
Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect.
We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, please email
#####.
All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does.
To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.
Similar Jobs (6)
Senior SIEM Engineer
locations
UK Remote
time type
Full time
posted on
Posted 4 Days Ago
Cyber Security Analyst R2
locations
UK Remote
time type
Full time
posted on
Posted 30+ Days Ago
About Us
The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates. We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect. We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
