Senior GRC Security Consultant - CCP - NIST - HMG SPF - RMADS - ISO27001 - SC / DV Eligible
- Employer: Nexere Consulting Ltd
- Location: Hook, Hampshire / M4 Corridor
- Salary: £75K to £95K (BoE) + Benefits
- Closing date: 23 Aug 2021
- Clearance Level: DV, SC, None / Undisclosed
- Sector: Central Government, Consultancy, Cyber Security, Defence, Information Technology, Public Sector, Security
- Job Type: Permanent
Senior GRC Security Consultant with all-round information assurance security skills to join a Security Services Consultancy Practice. The role is assigned to the NIST / HMG IA scope of consultancy services, which includes providing security advice, security management compliance assessments, security gap analysis, and security risk analysis.
- 8 to 15+ years of professional IT experience, with at least 4 years of professional experience in positions related to the security domain (GRC (Governance, Risk and Compliance), assessment, review, audit management and process management are preferred)
- Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection
- Experience of Enterprise Risk Management methodologies/techniques development and implementation.
- Experience of implementing risk analysis outputs into Information Security processes
- Experience with interpreting and applying appropriate Standards, Policies and Legislation (e.g. ISO27001, PCI DSS, COBIT, SOC, DPA, GDPR, NIST, Cyber Essentials, etc.), confirmed by respective certifications or relevant experience
- Good overall understanding of Security management and assurance practices, with hands-on experience
- Ability to investigate aspects of IT systems and compare them to relevant standards (e.g. HMG/JSP 440)
- Experience in producing and reviewing RMADS documentation for UK government customers.
- Fully conversant with the HMG Security Policy Framework and understanding of departmental policies.
- Experience of security processes and standards, in particular ISO27001.
- Working knowledge of SPF and related HMG IS Standards.
- Good level of knowledge of security audit and accreditation processes
- Knowledge of NCSC, NIST, HMG and MoD, Public Sector, Home Office Police, National and International Regulatory requirements, GDPR
- Understanding of HMG and MOD Information Assurance policies and architectural patterns
- Professional accreditations / certifications: NCSC CCP SIRA Senior, plus one of the following:
  - NIST Practitioner NCSP
  - ISO 27001 Practitioner
  - Certified Cloud Security Professional (CCSP)
  - Certified Information System Security Professional (CISSP)
  - Certified Information Security Manager (CISM)