Role Purpose
Understand and advise on cyber security vulnerability, risks, audit & compliance in a business or operational context and cyber security threat environment
Key Accountabilities
Cyber Risk Advisor/Consultant
* Create business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government)
* Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government)
* Undertake cyber security vulnerability analysis to provide a rich picture of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government)
* Identify mitigations for cyber risk in a given business or operational scenario and threat environment
* Support development of cyber security risk cases in a given business or operational context
Key Capabilities/Knowledge
* Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice
* Knowledge of MITRE ATT&CK
* Understands the impact of cyber risk, security accreditation and certification on business or operational outcomes
* Able to articulate regulatory requirements and devise courses of action to meet these appropriate to the business or operational context.
* Able to devise effective and creative risk mitigation strategies that enhance business outcomes
* Understand cyber risk and mitigations put in place and can provide evidence to help refine risk mitigation approaches
* Able to identify, document and articulate security risk and mitigation approaches, against technology solutions and business processes
* Able to engage and communicate effectively with customers
* Able to engage and communicate effectively with stakeholders at all levels
* Good awareness of digital technology (in particular computers and computer networks)
* Awareness of how architects and designers employ the technology to build systems of interest
* Demonstrate good judgement in relation to cyber risk and vulnerability assessment
* Able to articulate evidenced and convincing arguments for recommended courses of action
* Government, defence, CNI market understanding
* Able to work independently and seek guidance on own initiative for unusual or complex situations
Experience & Qualifications
Essential
* STEM degree or equivalent and relevant experience in cyber security role
* Digitally literate (including fluency in Microsoft Office tools)
* Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance
Desirable
* Experience applying or working to relevant NIST and ISO27001 frameworks and standards in different sectors and domains, including defence, wider UK Government and critical national infrastructure
* Experience guiding successful security audit preparation and outcomes
* Membership of CIISec or equivalent
* Seniority level: Mid-Senior level
* Employment type: Full-time
* Job function: Finance and Sales
* Industries: Defense and Space Manufacturing
Referrals increase your chances of interviewing at QinetiQ by 2x