Job description
Closing Date:
This vacancy may close at any time, if this role is of interest to you we recommend you apply as soon as possible.
The Opportunity
The Leonardo Cyber & Security Division, one of the three divisions in Leonardo UK, is a pivotal innovator, helping customers deliver and secure their digital transformation. The Cyber & Security Division is at the forefront of supplying technology and services for both civil and defence markets, in both the UK and around the world, to enhance the capabilities of its Customers. Within the Cyber & Security Division is our Cyber Consulting Practice which is where this role is positioned.
Leonardo’s Cyber Consulting practice works across a diverse array of sectors including Defence, Telecommunications, Energy and Finance to help secure national infrastructure in the UK and beyond. Our Practice is certified by the UK NCSC in the provision of advice and guidance to our customers across both enterprise and operational technology across all of the NCSC defined security domains of Governance and Risk Management, Security Architecture and Compliance.
This is a highly rewarding and hands one role with exposure across both traditional and cutting edge enterprise IT as well as bespoke Operational Technology systems with a clear and defined pathway to achieve chartership, NCSC certification and greater responsibility. Your work at Leonardo will see you inspire and lead in solving customer problems in an agile, innovative and team centric manner. We are after creative, passionate, technically savvy and personable people to help grow our practice and solve some of the most challenging, exciting and critical security challenges to the UK’s digital landscape
What you will do
Understand – We add value by solving problems, as a Consultant you will help define potential solutions to these problems with only limited information based on your experience and technical knowledge.
Assess – At Leonardo we adopt a risk based approach to any security problem, as a Consultant you will need to identify, measure and analyse the risks attracted by a given digital system and its information assets through the completion of risk assessments and defining and implementing the enabling governance structures that support this process.
Treat – Resolving risks is the technical core of our offering, as a Consultant you will assist in defining appropriate and proportionate security solutions right the way across people, process and technology aligned to the identified risk picture through the creation of security architecture visions, patterns and designs.•Assure – Giving our customers confidence that security is where it needs to be is a key requirement across heavily regulated industries. As a Consultant you will assist in defining, implementing and performing assessments of our customer’s environment against a given set of criteria spanning people, process and technology.
Develop – All our offerings are based on a core set of products. As a consultant you will assist in building a viable offering as part of the Leonardo business winning process for a customer as well as help in the technical development of our products to be used across our customer sectors.
What we are looking for
- A complete understanding of TCP/IP based networking concepts across the OSI model layer as well as the common protocols in use and their risks.
- At least 2 Recognised professional certifications in in Cyber Security such as CISM, CISSP, CRISC, CASP,CEH.
- Experience of directly managing project delivery and associated metrics such as time, cost and quality.
- Experience of and ability to manage multiple stakeholders and their needs with empathy, finding an appropriate balance of listening and speaking.
- An ambitious and creative drive to help safeguard UK national infrastructure and become a recognised cyber expert.
- Extensive experience in the development and mentoring of junior team members.
- UK SC Clearance or the ability obtain it as well as other more in depth security clearances.
- An Expert understanding of security compliance & detailed knowledge of a control framework such as NIST SP800-53 and ISO270002, IEC62443.
- An Expert understanding of security maturity & detailed knowledge of a security maturity frameworks such as NIST CSF and its Implementation Tiers, C2M2 and NCSC CAF.
- Extensive experience in measuring compliancy of an organisation or digital system against a given set of security criteria.
- Be certified by a well-known standards body in the provision of audits such as ISACA