Security and Information Risk Advisor London, England
McKinsey & Company
Full Time
London, England
37000 - 65000 GBP ANNUAL Today
Job description
Who You'll Work With
You’ll work with and support our Client Services Teams in our UK offices. You will come from a public sector and/or defense background with experience in relevant areas such as Security Policy Framework (SPF), Government Functional Standard 007 (Security), JSP 440, JSP 604, NCSC Security Guidance, Risk Management and Accreditation Document Set (RMADS), ISO27001, NIST and Secure By Design.
What You'll Do
You’ll support a portfolio of projects across the UK public sector providing security support and guidance to Client Service Teams, ensuring security is a core part of all project execution and decisions.
While developing and supporting security assurance processes for relevant projects you’ll liaise as required with client security representatives and brief members of the Client Service Teams to build awareness of security processes within the organization. This would include collaborating with various teams across a number of technical matters, risk and assurance.
You’ll work with the Client Service Teams to provide evidence of security accreditation and assurance activities in support of projects and ensure that security best practices are adhered to. As you provide specialized security advice to enable the Client Service Teams to make security decisions and ensure the effective use of common tools and patterns you’ll also identify new technologies and security design to benefit Client Service Teams and projects. Additionally, you will manage and oversee the delivery of accreditations deliverable artifacts e.g., RMADS, Secure By Design, IPSA, etc.
Qualifications
- 5+ years of experience working in the Public Sector and/or Defense environments
- Significant experience applying Cyber Security standards, IT and Information Assurance controls to business information models (SPF, GovS 007, JSP 440, JSP 604, NIST SP 800-30, NIST SP 800-53, ISO27001, GDPR, DPA 2018)
- Experience as a lead or senior NCSC Cyber Certified Practitioner (CCP) at SIRA level or equivalent qualifications (CISSP, CISM, CIISec)
- Proven ability to interpret business requirements and technical IT documentation into Cyber Security requirements
- Excellent communication skills and the ability to deliver presentations to stakeholders in a professional manner
- Strong understanding of IT architecture and NCSC architectural approach
- Experience building strong, professional relationship with senior client stakeholders and senior management
- Ability to travel as needed
McKinsey & Company
www.quantumblack.com/careers
London, United Kingdom
Jeremy Palmer and Alex Singla
Unknown / Non-Applicable
201 to 500 Employees
Company - Private
Business Consulting
2009
