Cyber Security Consultant - London

Amethyst delivers a range of specialist cyber security professional services. We help businesses and organisations to understand the value of their information assets, assess associated security risks and develop the technical and procedural controls to protect them. We work across both private and public sectors specialising in taking ownership of cyber security through life, from inception to disposal and seek to develop long term trusted relationships with our customers. As part of our growth strategy, we are looking for a talented Cyber Security Consultant to join our team.

As a Cyber Security Consultant, you will be responsible for providing expert cyber security technical advice, guidance and support.

Specific responsibilities include:

• Advising and supporting companies, organisations, programmes or projects on all aspects of cyber security
• Production of formal deliverables such as security policies and operating procedures, risk assessments, security assurance management plans and audits
• Liaising and working closely with customers to meet project/programme deadlines
• Understanding, assessing and articulating business and information security risk at a technical and business process level
• Reviewing the effectiveness of existing security controls and proposing proportionate security improvements
• Support business development by developing and managing relationships with existing and new customers

• Recognised industry cyber security certifications or qualifications, e.g. CISSP, CISM, CISA
• Relevant experience in a cyber security role
• Knowledge of cyber security industry standards and good practice
• Baseline knowledge of information systems, e.g. cloud, access control, networking
• Experience of working in a customer facing role
• Good understanding and working knowledge of Governance, Risk & Compliance
• Strong written, verbal and interpersonal communication skills
• Ability to work independently, manage own time and work to deadlines

• UK Cyber Security Council - Professional Registration Title, e.g. Chartered, Principal, Practitioner
• Knowledge and understanding of HMG and MoD, cyber security policy, standards, guidance, security processes and organisation
• Practical exposure and experience of implementing the Secure by Design principles based approach
• Previous experience as a Security Manager or Security Lead on a MoD, HMG or industry project/programme
• Knowledge and understanding of MOD cyber security policy, e.g. JSP440, standards and guidance
• Chairing and participation in HMG/MoD Security Working Groups
• Expert understanding of Secure by Design and associated tooling, e.g. MoD Continual Assurance Activity Tracker, and HMG SbD Self Assurance Tracker
• Experience of the NCSC Cyber Assurance Framework (CAF) and conduct of GovAssure audits
• Knowledge and experience of NIST standards, e.g. the Cyber Security Framework, Risk Assessment
• Cyber security audit skills, knowledge and experience, e.g. ISO/IEC 27001 audit
• Experience of Supplier Assurance and security of the supply chain
• Experience of scoping assessing output from IT Health Checks; Penetration Tests and Vulnerability Assessments

• Ideally National Security Vetted, SC or DV; if not, willing to undergo government security vetting process
• Eligible to work in the UK and have the appropriate right to work documents
• Willing to travel

To apply, email a copy of your CV to: recruitment@amethystrisk.com. For more information about Amethyst, visit: www.amethystrisk.com