Critical Infrastructure Security Consultant
We are a Cybersecurity consultancy SME looking to hire a security consultant to act in a hybrid security-based role whereby you will get exposure to various clients and challenging problems in addressing other peoples systems security. Our clients vary between financial and critical infrastructure so if you like variation in working on exciting but different projects than we have the perfect role for you.
We specialize in providing a consultancy's approach in evaluating and addressing cybersecurity but add to our clients benefits in providing hands-on experience, and therefore we offer a role whereby you can act in a consulting manner but also be practically driven and have experience in hands-on development, eg this would suit someone who is either from a security engineer background or IT administer with security experience and wants to progress into a more consultancy/architect type of role.
A degree in either Engineering, Computer Science or related field is required for this position, however consideration will be given to candidates that can demonstrate credible experience working in either Critical National Infrastructure (CNI) or Information Security.
Certifications in the following areas are highly desirable or can demonstrate working towards:
- CISSP/CISM or an equivalent security qualification desirable.
- C|EH and or equivalent certifications in penetration testing
- Experience in or auditing against ISA 62243 and/or ISO27001
Experience in the following areas:
- Not afraid of using either Windows, Linux or Unix based Operating Systems
- Be collaborative and pragmatic and demonstrate good communication skills
- Willingness to participate in some ethical hacking to develop skills in this area
- Has experience in working in Critical Infrastructure such as the Railway, Utilities or Telecoms
- Good oral and written communication skills
- Good technical problem-solving skills
- Some security architecture experience, covering network and data security principles
- Experience in implications of safety critical systems from a security domain perspective
Key responsibilities required of the successful Security Consultant:
- Assist security-based IT solutions covering infrastructure, applications and operational aspects
- Obtain and build upon your technical architecture skills to support clients in understanding their systems
- Management and implementing design level works in the form of High-level designs and the ability to translate Low-level designs
- Ability to analyze and understand existing infrastructure designs and requirements
- Knowledge of Security architecture domains such as identity, security defense and/or compliance
- Gain experience in providing cloud security advice (can build in this area if you wish?)
- Provide consultative advice on best practices relating to cybersecurity to clients when developing solutions
- Undertake security-based risk assessments using a mixture of different approaches using ISO27001/ISA 62243
- Collaborate with other SME partners in delivering cybersecurity solutions
- Generate and update documentation pertaining to security policies and standards, backup procedures, incident response and disaster recovery and security operations
- Solid understanding of Threat and Risk Management
- Support the business in maintaining a good security posture in its alignment to ISO27001 and Cyber Essentials/+
This is an excellent opportunity to join a dynamic consultancy. Contact me for more info, and we are aiming to shortlist this role in the coming weeks. Note, we operate a fully flexible work location, so there may be the odd trip to our office, however we are looking to go fully WFH come this summer. Attendance to Clients sites will be required occasionally and we are aiming to adopt a 4-day working week in Q3 of 2021.