Principal Cyber Security Consultant in London

Role Profile
As a Cyber Security Consultant, you will have the opportunity to provide support to a wide range of high profile UK public sector and defence organisations. Your help will enable them to protect their ICT investments, and
in doing so play a key role in nationally critical projects which make a real difference to people's everyday lives.

You will be given the opportunity to undertake a variety of roles throughout the project lifecycle, working across a
wide-ranging set of clients and cutting-edge technologies. This could include providing projects with advice and
guidance on Information Assurance topics; contributing to the development of IA strategies, policies, guidance and
awareness; planning and managing the delivery of a security work programme; defining security requirements;
designing and implementing security architectures; or overseeing the secure development and accreditation of
information systems.

Your level of experience will determine the amount or responsibility given to you, as a result you may also have the
opportunity to lead assignments and be responsible for supervising direct reports whilst ensuring the overall success
of the engagement. Our position as a client-side advisor means that your role will involve significant stakeholder
engagement, dealing directly with the client, including in resolving day-day issues involved in assignment delivery and
developing follow-on opportunities, so excellent interpersonal and influencing skills are essential.

Career Development
You will have the opportunity to build a career in consulting, specialising in the application of information assurance
and cyber security expertise to a wide range of business problems.
A career mentor will be on hand to provide support and guidance throughout your journey with. You will also
work with a performance and development manager who will conduct six monthly reviews to set career objectives
and identify training courses which are both relevant to your current project work, and aligned with your planned
career progression.
We provide substantial training, including online, classroom and in-house courses, leading to nationally recognised
certifications, such as CCP, PCiIAA, CISMP, CISSP, CREST, ISO27001, SABSA, and TOGAF.
Responsibilities:
Working either individually or as part of a larger team, you will undertake a number of varying consultancy
assignments.

Due to the potential variety in assignments your responsibilities may well depend on your own breadth
of experience and could range from developing security architectures, to providing guidance on GRC activities. Other
responsibilities could include:
* Providing security expertise for major system procurements and Agile programmes to ensure secure solution
delivery;
* Identifying, analysing and evaluating information risks across a range of programmes, projects and systems;
* Explaining to risk owners and other stakeholders the causes, likelihood and potential business impacts of
information risks throughout the information system lifecycle;
* Authoring and/or supporting the development of security assurance documentation;
* Developing or reviewing new security architectures that mitigate the risks posed by new technologies and
business practices.

Qualifications and Experience:
We work predominantly within the UK Defence and Public Sectors, because of this experience within those sectors is
desirable, preferably within the ICT context on enterprise solutions. The fast-moving nature of the ICT environment,
together with the need to resource multiple, ad-hoc assignments, also requires our consultants to be quick thinkers,
proactive and self-motivated - with the ability to apply a structured approach to often unfamiliar subject matter.
The following attributes and areas of experience will make you particularly suited to this role:
* Experience of complex ICT systems in a technical delivery or consulting capacity;
* A good understanding of enterprise information and communications technology;
* The ability to present and justify conclusions to project teams and business stakeholders;
* Proven abilities in delivering to client expectations and requirements; and
* Strong verbal and written communications skills.
Knowledge of the following would be beneficial:
* Structured security frameworks, such as HMG SPF and ISO27001;
* Security, technical and enterprise architecture methods such as TOGAF and SABSA;
* Technical risk assessments;
* Software development and delivery;
* ICT service delivery, including ITIL;
* Enterprise security packages, security enforcing software and devices, such as identity management and
federation, cryptography, public key infrastructure, firewalls, SIEM, vulnerability scanning, etc.

The nature of the business means that a wide and varied background is preferable and the capability to adapt
quickly to change is always required.
You may not feel that your skills precisely match the requirements of this job specification; however, we encourage
you to apply if this is a role that appeals to you. We require individuals with a broad skillset, so there may be other
aspects of your experience which are equally important to us, but that are perhaps not listed in the role specification
above.
We aim to nurture a diverse workforce through inclusive working practices, promoting equality in our recruitment
activities, and by employing candidates on the basis of merit. Discrimination against individuals on the grounds of
protected characteristics is not permitted and we take steps to ensure that our staff are made aware of their legal
responsibilities when making hiring decisions.
We are keen to improve diversity within our organisation and the industries in which we work, and hope to employ
individuals who share that view.

While Guildford is our home base, consultants typically spend their time working remotely. For most clients,
consultants spend 2-3 days working remotely and 2-3 days co-located with colleagues at a client's site or our office in
Guildford. For some projects, there will a requirement to work up to 5 days a week co-located with colleagues. All
work is team based, with a high level of engagement with other Actica and client team members. Consultants are
encouraged to get involved in internal activities and to attend company team events whenever possible.
Candidates must be eligible and willing to gain UK Security Clearance to apply for this position.

We offer:
* A discretionary bonus, paid twice a year;
* 25 days annual Leave plus bank holidays;
* Twice* yearly performance appraisal/pay review (*while at Consultant and Senior Consultant grades, annually
thereafter);
* Investment in training relevant to an individual's development and business needs.
About Us
We are a growing Technology Consultancy that works on some of the most nationally critical technology
projects. We specialise in delivering complex projects to limited timescales. Our customers include a wide range of
public sector organisations; such as, the Home Office, the Ministry of Defence, HM Treasury, the Ministry of Justice,
Police Forces, Fire Services and the NHS; as well as a range of national and international companies across the private
sector.
We are recruiting in order to facilitate continued growth of the business and as a result multiple positions are available
across Consultant, Senior Consultant, and Principal Consultant grades. The advertised role is for employment on a
permanent basis; however, we are happy to discuss Associate (contract) opportunities if that is your preference

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.