A leading Central Government Institution are seeking a Principal Cyber Security Risk Consultant to help drive the improvement of their cyber security posture.
We are seeking individuals with a deep understanding of current NCSC cyber security advice.
This is a 12-month contract - Outside IR35 and remote.
Experience requirements / Responsibilities:
* a good working knowledge of current UK government policy and standards relating to cyber security and assurance when working at OFFICIAL.
* a deep understanding of current NCSC cyber security advice relating to the design, development and operation of digital services.
* a broad technical understanding of modern IT systems, services and architectures used to build digital services, particularly in a public cloud context.
* a good understanding of secure development and deployment practices in an Agile context.
* an awareness of the legal and regulatory landscape in which central government operates.
* experience of risk management and security assurance gained within central government and spanning the full project lifecycle.
* experience of using a formal risk assessment methodology such as ISO/IEC 27005:2011, HMG IS1/IS2 or NIST SP 800-30.
* experience of writing detailed risk reports and summary briefings.
* experience of applying the NCSC's Cloud Security Principles to assess the suitability of cloud services.
* experience of identifying appropriate security and assurance requirements for inclusion in supplier contracts.
If you are available and interested, please apply in the first instance and you will be contacted to discuss the position further.