Job Title: Senior Security Analyst
Line Manager: CTO
Role Overview: You will lead a team responsible for assessing and certifying organisations' cybersecurity practices according to the Cyber Essentials scheme. Your role will involve delivery, overseeing the assessment process, ensuring compliance with standards, and managing a team of assessors to deliver high-quality services to clients. Additionally, you will be responsible for staying updated on cybersecurity trends and regulations to enhance the effectiveness of the assessment process. PCI experience is highly advantageous.
Key Responsibilities:
Delivery:
* Day-to-day delivery of Cyber Essentials and Cyber Essentials PLUS certifications
* Providing feedback and guidance to the customer throughout the certification process.
* Maintain certifications required to perform the role (VA+, CPSA/CRT/CSTM/OSCP)
* Conduct gap analysis and risk assessments related to information security frameworks.
Team Leadership:
* Provide leadership, guidance, and mentorship to a team of Cyber Essentials assessors.
* Foster a positive and collaborative team environment to enhance productivity and job satisfaction.
* Conduct regular performance evaluations, provide feedback, and identify opportunities for training and development.
Assessment Process Management:
* Oversee the end-to-end assessment process, from client engagement to certification issuance.
* Ensure assessments are conducted efficiently, accurately, and in accordance with the Cyber Essentials scheme and relevant standards.
* Contribute to developing and implementing streamlined processes to optimise assessment workflows and improve overall efficiency.
Client Engagement and Relationship Management:
* Serve as the primary point of contact for clients, internal staff and group stakeholders.
* Assist with any complaint investigations.
Quality Assurance:
* Implement rigorous quality assurance measures to maintain the integrity and credibility of the assessment process.
* Review assessment reports and certification documentation to ensure accuracy, completeness, and compliance with established standards.
* Identify areas for improvement and implement corrective actions as needed to enhance the quality of assessments.
Regulatory Compliance and Continuous Improvement:
* Stay abreast of cybersecurity regulations, industry best practices, and emerging threats to inform assessment methodologies and standards.
* Proactively identify opportunities for process improvements, tool enhancements, and training initiatives to enhance the effectiveness of the assessment team.
* Collaborate with stakeholders to adapt assessment processes in response to changes in regulatory requirements or industry standards.
Documentation and Reporting:
* Maintain accurate records of assessment activities, client interactions, and certification outcomes.
* Prepare comprehensive assessment reports and certification documentation for clients and regulatory authorities as required.
* Ensure timely and accurate reporting of assessment metrics, performance indicators, and other relevant data to management and stakeholders.
Qualifications / Experience
* Advantageous qualifications for this role include, but are not limited to: VA+, CRT, CSTM.
* Experience delivering Cyber Essentials Self-Assessments and Cyber Essentials Plus Audits
Career Benefits
* Competitive salary
* Contributory pension scheme
* 25 days' holiday excluding bank holidays, plus 1 day for your birthday
* Ongoing training and budgets for Leadership, PCI and CREST certifications (CRT/CCT Web or CCT Inf).
* Private medical insurance
* Be part of a growing business with great career opportunities