Principal Consultant (Cyber Security)
Principal Consultant (Cyber Security)
*Role now filled*
We are looking for a Principal Consultant to join our brilliant team, particularly for our growing Cyber Essentials and penetration testing services.
This is a fantastic opportunity to work in a professional and stimulating environment and build a team of the future, where the standards are consistently set high.
You should be a good communicator, enthusiastic and willing to lead and grow a small team of pen-testers, assessors and apprentices. This is a client-facing role and you may be required to travel around the UK. Therefore, you should have a valid UK driving licence. Due to the nature of our work you will be expected to maintain high security and confidentiality of data.
You should have significant experience in the technical skills listed below including line management. The following existing qualifications will be a huge asset:
- Current Cyber Essentials and Cyber Essentials Plus assessor qualifications, preferably as a Lead Assessor (OSCP, CSTM, CSTL, CHECK/CREST)
- IASME governance assessor
- Pen-testing qualifications
- Hold security clearance
- Be up to date with relevant industry standards (e.g. IASME standard, NCSC Cyber Essentials scheme, OWASP, CIS)
- Assess clients on Cyber Essentials self-certification submissions
- Independently assess clients to Cyber Essentials Plus standard
- Perform security reviews for firewalls, web applications, networks, Windows, Linux, MacOS and other operating systems
- Review of access controls, computer configuration, Active Directory, and system group policies
- Perform vulnerability assessments on systems, networks and websites using automated scanning tools and other network discovery and analysis tools
- Prepare and present written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to clients
- Review and approve the work of other assessors and testers to ensure a consistently high quality of deliverables
- Provide proactive advice to clients on good security practices
- Provide support and guidance to the team
- Project and Deliverables management for the team
- Ensure all procedures are documented for reference and that all of the members of the technical team are trained to perform their specific job roles
- Perform management tasks for the technical team. These duties include conducting employee reviews, handling employee complaints, training new apprentices and junior consultants, and dividing the workload among members of the team
Technical skills and knowledge:
- Knowledge of IT networks, anti-malware technologies, security concepts, encryption, access controls and configuration management
- Ability to review technical controls around Active Directory, Group Policies, Software patches, Mobile Device Management, InTune, IaaS, PaaS and SaaS services.
- Good technical knowledge of testing techniques, methodologies and tools across all common platforms
- Ability to provide authoritative advice on information and cybersecurity, assurance, risk and threat management and incident response
- Demonstrable experience in managing a team of technical professionals.
- Be proficient in the application of Information Assurance methodologies and frameworks in a range of scenarios
- Project and deliverables management
- Ability to gather data, compile information, and prepare professional reports
- Ability to communicate with and understand the requirements of clients
- Fluent in written communications and able to articulate complex issues in plain language
- Ability to conduct effective research, using advanced OSINT.
- Flexible attitude and ability to perform under pressure
- Ability to work independently and to take responsibility
- Maintain a productive, professional and secure working environment
- Ability to interpret written requirements and technical specification documents
What you will get:
- Comparative salary
- Hybrid working
- Flexibility to manage your own diary
- Free on-site car parking (when required)
- Home office set up support
- MacBook Pro / iPhone
- 25 paid holidays + 8 bank holidays
- Pension scheme
- Employee Assistance Program (EAP)
- Company credit/debit card (role specific)
- Growth opportunities – apprenticeships, training, professional qualifications/memberships
- Study leave (when required)
- Work/life balance
If you are looking for a cyber security job and would like to apply for this position, or any of our other career opportunities, please email your latest CV to HR@rightcue.com
By sending your CV to the above mailbox you consent to us collecting and storing your CV/application and contact details. We will hold this information securely and process it for recruitment purposes only. Please refer to our Privacy Statement for more details on our compliance with GDPR and Data Protection.