Cyber Security Senior Consultant
Manchester, Cheltenham or London
Role Purpose
NCC Group provides Information Assurance consultancy to help companies protect critical systems and information. We do this by defining security strategies, developing policies, conducting security maturity and risk assessments and implementing security solutions. We also provide security staff augmentation to clients so that our consultants may occupy security roles within the client environment in the short, medium or long term.
Our core consulting and implementation services include:
1. Strategy & transformation
2. On-demand virtual roles
3. Data discovery and mapping
4. Risk advisory and assurance
5. Continuity/Resilience
6. Data privacy and GDPR
7. ISO 27001 & NIST CSF
8. Supplier assurance
9. PCI, PA & P2PE
10. Incident response planning
11. Card production audits
12. Cyber security review
13. SOC advisory & implementation
14. XDR consulting & implementation
Alongside our core services, we have a range of bespoke services to help organisations protect their systems and information:
15. Risk Assessments
16. Security Architecture Review
17. Information Security Awareness and Training Programmes
18. Information Security Policy Development
19. Security Transformation Programmes
We have a fantastic new opportunity to join our Consulting & Implementation division for a Senior Consultant. The ideal candidate will have commercial experience within the information and assurance field, gained from delivering a diverse range of security and assurance services ideally into a broad client base. In addition to your technical skills, you will have strong client facing skills and be comfortable dealing with senior client stakeholders.
Summary
20. Liaise with the Resource Management and Pre-Sales team during the sales cycle to assist in quantifying, pricing and assessing resources required for the project delivery.
21. Assist with sales proposals, bids and tenders for delivery of consulting and implementation services.
22. You will conduct onsite and remote activities to advice, assess, analyse and report in line with the engagement project requirements. This will involve meeting client stakeholders, conduct of documentation reviews, assessing technical solutions and systems as well as presenting information and advice to senior business partners.
23. Translate the technical and non-technical findings from an assessment or exercise into relevant, actionable remediation road maps for customers.
24. Responsible for adhering to all internal policy and procedures in relation to security and quality best practice.
25. Ability to travel to clients’ sites to perform engagements of varying durations as required.
26. You will act as mentor to less experienced consultants and foster knowledge sharing throughout the delivery team.
What we are looking for in you
Skills
27. Have strong skills in Sentinel management & optimisation
28. Experienced in XDR apps, log source onboarding and cost analysis
29. Can demonstrate strong experience and track record in MS Purview information protection & Data Loss Prevention (DLP)
30. Experienced in Azure Resource Manager template, Git, KQL, PowerShell
31. Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients.
32. Able to always deliver projects within time and in budget and to a high level of customer satisfaction – exercising customer care.
33. Demonstrate a strong ability to develop a rapport with customers and to engender long lasting trusted relationships
34. Have strong business, consultancy and technical skills within the Information Security Industry
35. Excellent communication, consulting soft skills and presentation skills.
36. Exceptional written communication and reporting skills
Behaviours
37. Flexibility in working hours (as per client requirement).
38. Ability to travel both nationwide and internationally (where required).
39. Willingness to learn new skills and disciplines.
Knowledge
Experience in two or more of the below:
40. Excellent attention to detail and documentation.
41. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS.
42. Customer facing experience at senior levels.
43. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage
Outputs
44. Ability to successfully compile accurate reports within defined timescales.
45. On-site and remote projects with the objective of delivering consistent high quality consulting engagements including the transfer of knowledge to both NCC Group colleagues and client personnel when appropriate.
Ways of working
46. Focusing on Clients and Customers.
47. Working as One NCC.
48. Always Learning.
49. Being Inclusive and Respectful.
50. Delivering Brilliantly.
51. Looking Externally
Our company
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
Come join us?
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
⏰Flexible working
💸 Financial & Investment
52. Pension
53. Life Assurance
54. Share Save Scheme
55. Maternity & Paternity leave
🙋🏾Community & Volunteering Programmes
⚡ Green Car Scheme
🚴 Cycle Scheme
🧑🏻🤝🧑🏻 Employee Referral Program
🧘🏻 Lifestyle & Wellness
🎓 Learning & Development
👨🏿🦽 Diversity & Inclusion
So, what’s next?