Overview
As a Senior Cyber Security Consultant, you will join our Information Assurance and Cyber Risk team that provides expert risk assessments, analysis and advice to clients within the Defence Sector. Day-to-day, you will advise on cyber security vulnerability, risks, audit & compliance in a business or operational context and cyber security threat environment.
Responsibilities
* Leading the creation of business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government).
* Leading the undertaking of cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government).
* Leading cyber security vulnerability analysis to provide a rich picture of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government).
* Leading the provision of advice & support to cyber exercise scenario creation in relation to the security posture, standards, regulation, vulnerabilities, and attack paths appropriate to business/operational context to meet the exercise objectives.
* This role is 37 hours per week based at any of our main UK sites. Hybrid working patterns available. Travel to customer sites will be expected.
* Digitally literate (including fluency in Microsoft Office tools).
* Previous experience in security vulnerability, risk, audit & compliance.
* A strong understanding of relevant NIST frameworks and ISO27001 standards and how to apply in practice.
* Knowledge of MITRE ATT&CK.
* A strong understanding of cyber risk impact on business or operational outcomes.
* The ability to devise effective and creative risk mitigation strategies that enhance business outcomes.
Qualifications
* Experience in security vulnerability, risk, audit & compliance.
* Strong understanding of NIST frameworks and ISO27001 standards with practical application.
* Knowledge of MITRE ATT&CK.
* Ability to link cyber risk to business or operational outcomes and to design mitigation strategies.
About us and Culture
We value difference and we don\'t have a fixed idea when it comes to background or education, provided you can show the required level of experience and willingness to learn then we would like to hear from you. As we continue to grow into new markets around the world, there\'s never been a more exciting time to join QinetiQ. The formula for success is our appetite for innovation and having the courage to take on a wide variety of complex challenges. As a QinetiQ employee, you\'ll experience a unique working environment where teams from different backgrounds collaborate widely and openly. You\'ll be part of solving complex problems in a diverse and inclusive environment where you can be authentic, feel valued and realise your full potential.
Visit our website to read more about our diverse and inclusive workplace culture at www.qinetiq.com/en/careers/life-at-qinetiq.
Benefits
* Matched contribution pension scheme, with life assurance
* Generous holiday allowance, with the option to purchase additional days
* Options to join Health Cash Plan, Private Medical Insurance and Dental Insurance
* Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more
* We are proud to support the Armed Forces community by honouring the Armed Forces Covenant and maintaining our Gold Award standard in the Defence Employer Recognition Scheme
* Volunteering Opportunities - helping charities and local community
Recruitment & Vetting
Our Recruitment Process: We want to make sure that our recruitment process is as inclusive as possible and we aspire to bring out the best in our candidates by creating an environment where everyone feels valued, heard, and supported. If you have a disability or health condition that may affect your performance in certain assessment types, please speak to your Recruiter about potential reasonable adjustments. Many roles in QinetiQ are subject to national security vetting being completed; applicants who already hold the appropriate level of vetting may be able to transfer it upon appointment. A number of roles are also subject to additional restrictions, which mean factors such as nationality or previous nationalities may affect the roles that you can be employed in. Please note that all applicants for this role must be eligible for DV clearance, as a minimum.
#J-18808-Ljbffr