Job summary

Hi All, I'm currently recruiting for this position. Please click on the job title below to view the Job Description and apply to it!

Key skills required for this role

Senior Safety Engineer.

Important

Senior Safety Engineer

Job description

Key Accountabilities

Cyber Risk Advisor/Consultant
1. Create business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government)
2. Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government)
3. Undertake cyber security vulnerability analysis to provide a rich picture of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government)
4. Identify mitigations for cyber risk in a given business or operational scenario and threat environment
5. Support development of cyber security risk cases in a given business or operational context

Key Capabilities/Knowledge

* Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice
* Knowledge of MITRE ATT&CK
* Understands the impact of cyber risk, security accreditation and certification on business or operational outcomes
* Able to articulate regulatory requirements and devise courses of action to meet these appropriate to the business or operational context.
* Able to devise effective and creative risk mitigation strategies that enhance business outcomes
* Understand cyber risk and mitigations put in place and can provide evidence to help refine risk mitigation approaches
* Able to identify, document and articulate security risk and mitigation approaches, against technology solutions and business processes
* Able to engage and communicate effectively with customers
* Able to engage and communicate effectively with stakeholders at all levels
* Good awareness of digital technology (in particular computer and computer network)
* Awareness of how architects and designers employ the technology to build systems of interest
* Demonstrate good judgement in relation to cyber risk and vulnerability assessment
* Able to articulate evidenced and convincing arguments for recommended courses of action
* Government, defence, CNI market understanding
* Able to work independently and seek guidance on own initiative for unusual or complex situations

Experience & Qualifications

Essential
* STEM degree or equivalent and relevant experience in cyber security role
* Digitally literate (including fluency in Microsoft Office tools)
* Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance
Desirable
* Experience applying/work to relevant NIST and ISO27001 frameworks and standards in different sectors and domains including defence, wider UK Government, critical national infrastructure.
* Experience guiding successful security audit preparation and outcomes
* Membership of CIISec or equivalent