Cyber Risk Manager (2008)
Sector: Security Operations
Trident Search have partnered with a growing MSSP who offer a wide range of Cyber Security services and have a track record of succeeding where others have failed. Our client has created an all encompassing Consultancy for all things cyber and we are working with them to build a centre of excellence.
- You must be SC cleared.
- This role will be to work with new and existing clients across various sectors to define and implement security solutions to match requirements.
- You will be working in close partnership with clients to ensure the delivery of services complementing in-house Information Security resources and bringing an expertise in Information Security Risk Management.
- As a Risk Consultant, you will be required to undertake security risk assessments within an Agile software delivery lifecycle framework.
- You will possess a good technical background and have experience in delivering complex and innovative risk management plans using a range of skills and knowledge to include workshops to deliver risk discovery, risk assessment and risk treatment activities.
- You will be working with our clients to identify risks and consider appropriate controls to mitigate those risks, working with agile teams to ensure risks are understood and continually managed whilst delivering value to end users as quickly as possible and allowing business risk owners to make fully informed risk based decisions.
- Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite.
- Produce informative and succinct reporting that clearly articulates any identified vulnerabilities and associated risks.
- Facilitate workshops with the various Authority departments, to align with wider HMG transformational Security and risk management outcomes.
- Provide accurate and pragmatic remediation/risk management guidance/advice.
Knowledge & Experience for this role:
- Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005, NIST SP800-37 etc.
- Have Knowledge of risk assessment in and agile delivery environment
- Be skilled in workshop facilitation particularly risk identification and assessment.
- Good level of knowledge of the Cyber Security industry
- Have a good understanding of modern IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, and Infrastructure technologies and demonstrate an understanding of security architecture
Desirable Skills, Experience and Certifications:
- You must be SC cleared
- CISSP or CISM
- CRISC certification
- Experience of working in an HMG environment
- Good knowledge of NCSC guidance
- CCP SIRA – preferably at Senior level