Senior Cyber Security Consultant

Summary

Samurai Digital Security Ltd is rapidly growing and we are seeking a highly skilled Senior Cyber Security Consultant experienced in working on a range of projects covering the breadth of Cyber Security including: Cyber Strategy Development, Cyber Programme Management and Definition, Cyber Maturity Assessments, Cyber Transformation and Cyber Risk.

A successful candidate will be a credible and trustworthy consultant with excellent client facing communication skills and strong leadership abilities. They will act as trusted source of information for our clients in a vCISO capacity and will be responsible for analysing and
designing security solutions to meet their requirements.

Salary and Package

• £60,000 – £70,000 – With annual reviews for salary and training plans
• £5,000 p/y training budget assigned for personal/professional development
• 20 Standard Holidays + 8 Bank Holidays + 2 further “Samurai” days holiday, making a total of 30 holiday days
• 1 additional holiday is granted per year of service, making a possible total of 35
• Private Medical Cover after 6 months
• 2 Development days dedicated each month to work on personal/passion projects
• Company Issued Laptop
• Training provided by our technical director with CTL
• Remote working full time
• Quarterly team events (Gaming, Laser Tag, Meals, Go-Karting, Spa).
• EMI Share options available after 12 months
• Opportunity to be involved with SLT decision-making and have a direct influence on the direction of the company

Reports to:

COO & CEO

Responsibilities and Duties

The responsibilities and duties of the role are as follows:

• Performing security/gap analysis reviews in line with leading industry standards (such as ISO, NIST CSF, CIS18 etc.)
• Carrying out a review of risk management and security controls for clients & IT systems
• Developing risk management strategies from the results of risk assessments/gap analysis
• Reviewing and developing security strategies, policies, standards, and processes
• Project management and delivery experience across the following Cyber Security areas: frameworks (e.g., NIST CSF, ISO27001, CIS18.), assessments, implementation, roadmap definition (tactical and strategic), strategy, risk identification and management, controls
• Analysing and designing security solutions to meet client requirements
• Designing, scoping, and estimating cyber security engagements for clients
• Developing short- and medium-term security roadmaps for clients to meet their security objectives
• Delivering and managing cyber security projects from initial development to completion
• Taking a pragmatic approach to identifying and explaining cyber risks within complex transformation initiatives, frameworks, programme management and target operating modelling
• Acting as a vCISO to our clients (alongside other senior members of staff), providing advice and guidance on how to best prioritise and invest their resources in cybersecurity

Requirements, skills, experience and qualifications for this role are:

• 5 years of professional experience delivering cyber security projects, either
  operationally or as a consultant
• Industry certifications such as CISSP, CISA, CISM, and CySA+
• Strong understanding of security frameworks such as NIST CSF, ISO 27001, and CIS18
• Experience with a variety of security tools and technologies such as firewalls, intrusion detection/prevention systems, and vulnerability scanners

Not required, but beneficial;

• Experience in advising Financial Services & Healthcare organisations on what good cyber
  security looks like, based on the cyber security threats, and risks they face
• Understanding of the Financial Services & Healthcare Cyber Security threat landscape
  and the UK Financial Services & Healthcare regulatory landscape (e.g., PRA, FCA, BoE, ECB, MAS)
• Awareness of security standards and regulations within the UK Financial Services sector

An employee working in this role will demonstrate the following qualities:

• Self-motivated and strives to go the extra mile, in line with Samurai’s core cultural
  values:
  • Team player
  • Takes initiative
  • Take ownership
  • Passionate
• Strong written and verbal communication skills
• Strong desire to continuously learn and develop your skills
• Willingness to inspire and lead the other members of the team with their infrastructure testing
• Ability to work both independently and as part of a team to assist technical members where necessary
• A passion for technology, creativity and innovation

Work from home full-time
The role is primarily remote, however, you may be required to go to the office occasionally for team meetings or Onsite client engagements (Upon client request)

Working Schedule
Full-time position – 37.5 Hours per week

About Samurai

Samurai Digital Security is a Cyber Security and Information Governance company who formed in 2016. The company was conceptualised at Sheffield Hallam University and was founded by ex-lecturers and staffed by ex-students. Over the past five years, we have grown considerably. We are a dynamic company who fully embraced remote and flexible working since we were founded. We have a diverse set of clients who require many different cybersecurity services. We invest heavily in our consultants to ensure they are personally fulfilled and perform unparalleled service for our clients. As a company spun out of academia, we are driven to find research-inspired Avant Garde solutions to issues in the cybersecurity problem domain. We are NOT your average pen testing company.

Samurai have been recognised by the National Cyber Security Centre (NCSC), which is the cybersecurity department of GCHQ, as a Certified Cyber Security Consultancy (CCSC). It has achieved this prestigious accolade in the areas of cyber security risk assessment and risk management. Samurai is currently the smallest company (headcount) to have achieved CCSC status, with its head consultant (Dr David Day) also being a Certified Cyber Professional with the NCSC. Samurai is also a CREST-assured penetration testing company. It has a CHECK application in progress with the NCSC (expected January 2023) and its penetration testing head (Ali Malik)
holding the Check Team Leader certification.

Samurai is also a member of the Cyber Security Information Sharing Partnership (CiSP), an invitation-only initiative set up to allow UK organisations to share cyber threat information in a secure and confidential environment. Samurai’s CEO (Dr David Day) is a Special Officer working with the National Cyber Crime Unit (NCCU), working with the National Crime Agency (NCA) through an invitation to assist in solving cyber crimes deemed a threat to national security.

History

The company takes its name from the Japanese Samurai warriors. In the 13th century, outnumbered 4 to 1, and with inferior weaponry, the Samurai’s defeated the Mongol Yuan Dynasty. This was achieved through superior military training and strategies. In the battle against hackers, we are outgunned. They have more numbers, resources, money, and time. They have the potential to win the fight before we even know it has started. But, just like the Samurai Warriors, with superior training and strategies, they can and will be defeated. The spirit of excellence defeating brute force inspired David to make Samurai Digital Security the company of today, a team of highly trained individuals delivering excellence. Since 2016, the company has enjoyed continued growth and success.

Services

Samurai creates and implements inventive and professionally researched cybersecurity solutions, positioning ourselves as a long term strategic partner and solutions architect.

Services we provide include:

• Penetration testing (Infrastructure, Web/Mobile apps, Cloud) Compliance (ISO 27001, GDPR, IASME)
• Managed security (Endpoints, Networks, Emails)
• Training (CREST, CompTIA, Red teaming)
• Cyber Incident response

Apply Now!

If this looks like the right job for you, send over your CV and cover letter & let's get in touch!