Share this Job

Senior Security Consultant - Advisory Consulting

Apply now »

Date: 19-Nov-2020

Location: Leamington Spa, GB

Company: Lloyds Register

Senior Security Consultant - Advisory Services


Nettitude is looking for a dynamic and proactive Cybersecurity Specialist to join Advisory Services, to form part of the growth strategy for Advisory Consulting.


This role supports the Advisory Services strategy through the delivery of consultancy under the Advisory Consultancy (AC) banner by providing subject matter expertise to Nettitude’s clients.  AC Consultants work collaboratively with clients to analyse problems and identify solutions. AC is focused on the risks associated with cyber resilience – helping our clients to protect their organisations by consulting on a range of technologies and processes to prevent, detect and manage cyber threats - leveraging your and Nettitude’s expertise.

Nettitude provides an agile work environment, where it invests in the growth and development of staff.


This role will include, but not be limited to, increasing Nettitude’s products and services with focus on:


  • Development of cybersecurity concepts and requirements
  • Cybersecurity verification planning and management
  • Cybersecurity vulnerability assessments and penetration testing
  • Design, development and problem solving to ensure client security
  • Perform any associated new technology research and horizon scanning
  • Assessing cyber risk and/or technology resilience
  • Leading projects on technology and cyber standards and guidance, such as NIST, ISO standards (Information security, resilience and Cyber related) COBIT, ITIL



This role requires a highly motivated individual with experience in creative but structured problem resolution and analysis. You will have a rare opportunity to understand and help shape the workings of AS at a time of change. You will have the opportunity to have a real impact with clients, while working collaboratively towards a common goal alongside a range of internal and external stakeholders.


The role is an excellent opportunity to use your technical expertise and industry experience across a wide range of clients / organisations, helping develop and implement their approach to technology and Cyber Risk strategies, tpyical engagements include: 



  • Conducting assessments of existing IT approaches / architecture for compliance with security requirements from applicable security frameworks (such as ISO 27001, NIST etc.)
  • Consulting on IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and systems under development
  • Guiding the development of IT security policies, standards, and guidance



Role responsibilities:


  • Lead on complex technology and cyber projects
  • Supporting fellow colleagues demonstrating a recognised level of expertise
  • Share knowledge and experience through partnering, education and consulting
  • Lead on risk reviews to provide clients with a forward-looking judgement-based assessment, supported by the facts, on whether or not the clients cyber and operational resilience arrangements provide sufficient comfort in the specific area under review and, where this is not the case, recommend proactive actions and mitigations
  • Provide support to AS teams in responding to and assessing a client’s response to technology and cyber risks
  • Actively conduct external engagements, including regulatory bodies such as the Bank of England, the PRA, FCA and UK government agencies, as well as pan-European and global regulatory bodies on a range of cyber and technology resilience topics
  • Be recognised as a specialist and be able to carry a meeting with senior representatives in our largest and most complex clients
  • Lead on key strategic initiatives across AS, ensuring a cohesive approach, linking technology issues with wider business risks and ability to articulate what these risks mean to clients



Skills/Experience Required




  • Previous experience in either performing penetration testing or the implementation of recommendations and results from penetration testing
  • You will demonstrate a deep understanding of risk management in relation to the real world of cyber security and be able to express complex subject matter in accessible terms - both verbally and in writing.
  • Ability to raise internal staff and external customer awareness of security risks through multiple methods including training, presentations and documentation
  • Excellent written communication skills, with a capability to draft external reports and succinct, accurate communications with regulated entities and liaise with senior internal and external stakeholders
  • Strong interpersonal and influencing skills with evidence of team working and confidence, credibility and ability to interact effectively with a range of both domestic and international stakeholders including senior executives
  • Excellent analytical capability and judgement to assess the emerging risk of harm and identify effective mitigation strategies. The successful candidate will have a track record of a probing and sceptical approach in their review work in challenging, difficult or high-level contexts acquired through relevant experience in industry / consulting
  • Strong oral communication skills including clear and effective presentation to both internal and external audiences
  • Experience of project management including developing and delivering against plans, managing risks and issues along the way



  • An industry recognised qualification e.g. CISA, CISM, CRISC, CISSP etc.
  • Understanding of global regulatory landscape for technology and cyber risk
  • Experience in creating templates and documentation for security guidelines, standards and frameworks including COBIT
  • Conducting critical application and infrastructure penetration tests
  • Conducting threat modelling
  • Experience of defining strategies, methodologies, processes and procedures required to create a successful security strategy
  • Ability to manage and assure the security of systems using multiple techniques including penetration testing, audit exercises and technician training
  • Scoping and quality assuring penetration test reports
  • Undertaking web application and infrastructure penetration tests to assess true risk




Are you interested in this job? Apply now via the ‘apply’ button and upload your C.V. and cover letter to ​​​​​​https://career5.successfactors.eu/sfcareer/jobreqcareer?jobId=31841&company=lloydsregiP

Job Segment: Consulting, Project Manager, Information Security, Technology, Research