GRC Consultant - Birmingham, United Kingdom - LRQA group

LRQA group
Birmingham, United Kingdom

2 weeks ago

Posted by: Tom O'Connor, beBee Recruiter


Description

About Nettitude


At Nettitude, we are passionate about cybersecurity and managing cyber risk - keeping our clients' data and business secure and protected at every stage of its journey.

We aim to be 'their trusted cyber partner'.

Founded in 2003, Nettitude is an award-winning provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

Leveraging our tenacious curiosity, we aim to operate at the forefront of the industry.

Through our research and innovation centers, Nettitude provides threat-led services that span technical assurance, consulting and managed detection and response offerings.


We are driven by a desire to build and deliver the best cybersecurity propositions in the industry and stay abreast of the evolving legislative and regulatory cybersecurity landscape.

This helps our clients to prioritize their cybersecurity risks, enabling them to focus on the activities that are core to their business.


We provide pragmatic cybersecurity for industries such as Finance & Banking, IT, Technology and Engineering, Maritime, Offshore, Retail, Healthcare, Manufacturing and Critical National Infrastructure.


The role
We are looking for a consultant to join our GRC team in the UK. This role is home-based, with travel to client sites.

You'll be part of a team delivering security consultancy in a client-facing role, with a particular focus on:

  • PCI DSS consultancy and assessments
  • Security reviews against standards or guidelines such as the NCSC 10 Steps to Cyber Security and NIST CSF
  • ISO 27001 gap analyses
  • Helping our clients to implement Information Security Management Systems and achieve and maintain ISO 27001 certification
  • Conducting risk assessments
  • Creating or supporting third-party risk management and audit programmes

Essential skills and experience:


  • Be a current QSA who has completed multiple onsite PCI DSS assessments, and be able to demonstrate a mature understanding of complex PCI DSS environments, and an ability to consult as well as assess
  • Have experience with ISO 27001, including implementing an ISMS and achieving certification
  • Have experience working with the NIST CSF
  • A good understanding of core concepts and technologies. For example, networking, Windows and Linux operating systems, and security technologies such as anti-malware, IDS/IPS, etc. You do not need hands-on experience with these technologies or to have worked in an operational role
  • Be experienced working as a consultant in a client-facing role, leading delivery. You'll be friendly and approachable and able to work well with our clients
  • Ability to work in a structured and methodical manner, with support to manage your own time with a focus on quality work


Your primary role will be to deliver PCI DSS consultancy and assessment activities to our clients as part of an established and experienced team of consultants.

It's not all PCI DSS, though, and you'll be involved in other areas as listed above and have opportunities to scope and deliver more bespoke engagements.


Location

  • PCI DSS assessment activities require onsite work, but most other work is delivered at least partly from home
  • We can support working from across the UK
  • All applicants will require residence in the UK

What you'll be doing in your role:
In your role, you will deliver consultancy services to our clients, covering the following areas:

  • Conduct security reviews against standards or guidelines such as the NCSC 10 Steps to Cyber Security, NIST CSF, Cyber Essentials
  • Perform ISO 27001 gap analyses
  • Help our clients to implement Information Security Management Systems and achieve and maintain ISO 27001 certification
  • PCI DSS consultancy and gap analyses
  • Assistance in implementing PCI DSS requirements such as policy writing
  • Complete onsite assessments and reports on compliance
  • Complete risk assessments
  • Conduct third-party risk reviews
  • Support pre-sales where required by assisting in the pre-sales process, understanding client requirements and contributing to proposals and scoping of engagements
