The Role and Responsibilities

Your key responsibilities will encompass the following:

• Consulting with clients to identify the security resilience requirements needed to safeguard their organisations mission and business activities.

• The application of architectural and cyber resilience principles to develop appropriate models, standards, policies and solutions that support the client in their security resilience.
• Identify effective human, procedural and technical controls to reduce the effectiveness of a cyber-attack and minimise the organisation’s cyber risks.
• Work with engineering teams to embed security design principles and activities in the engineering development lifecycle.
• Evaluate security architectures and designs to understand the effectiveness of these designs from a security perspective. Provide advice and support in remedying any gaps. 
• Provide Cyber Security advice and guidance for clients in ‘business as usual’, technical refresh and new project environments.
• Identify critical business functions and the cyber effects that may be created to adversely impact them.  Create client centric solutions to address these cyber risks. 
• Be able to apply technical knowledge, with creative and innovative thinking in a broad range of complex and non-routine contexts.
• Build successful working relationships with team members, key customers and stakeholders that improves the value of the security services being performed.

The Requirements

Essential:

• Experience of delivering technical Cyber Security consultancy in multi-disciplined environments.
• Awareness of the various business drivers different organisations may have.
• An awareness of the Ability to work alongside enterprise architecture and the systems engineers.
• Experience of conducting cyber risk assessments/management and the deployment of appropriate controls.
• An excellent communicator, verbal (active listener) and written (able to write concisely).
• Ability to articulate and pitch Cyber Security advice both at a technical and non-technical level, directly to key customer stakeholders.
• Ability to work on multiple projects and tasks concurrently, successfully balancing business and client priorities.
• Ability to provide high-quality work under pressure that delivers security outcomes to tight deadlines and manage client stakeholder expectations.
• Ability to work both effectively individually and within a team in a multi-discipline environment and in a matrix organisation.
• A wide awareness of Cyber Security across Government and Industry to include; HMG Information Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and JSP440 (plus other standard MOD Information Assurance methods).
• An interest in maintaining and enhancing technical and consultancy skills.
• Ambition to work in a challenging and rewarding role that provides real benefit to clients.

Desirable:

• Experience of applying SABSA or equivalent security architecture approaches.
• Experience of using cyber kill chain analysis to identify practical interventions to reduce the effectiveness of an attack, stop or it’s propagation throughout the system/s in question.
• CESG Certified Professional (Security and Information Risk Advisor or Security Architect).
• Understanding of the different approaches and technologies used in identifying and addressing cyber threats on the network.
• Awareness of how the cyber analyst integrates with network operations including using and applying Security incident and event management.
• Awareness of data analytics and how they can be used in cyber security.
• Certified Information Systems Security Professional (CISSP) or equivalent.
• Associate/Full Membership of recognised security professional body such as the Institute of Engineering Technology (IET), Institute of Information Security Professionals (IISP) or the British Computer Society (BSC).
• A keen interest in the latest technology with a focus on security technologies.
• Experience within programme and project environments.

Security

This role may require security clearance and offers of employment will be dependent on obtaining the relevant level of clearance. If this is necessary it will be discussed with you at interview. 

If applying to this role please do not make reference to (in conversation) or include in your application or CV,  details of any current or previously held security clearance.

ATKINS, part of the SNC Lavalin Group, is committed to having a diverse and inclusive workforce. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability.

#LI-ADST