ConsultTechnology is working with one of the big 4 who is seeking to appoint Cyber Security Director s into an ever-growing team of Cyber professionals.
As a Cyber Security Director in this Big 4 Firm, you will be an experienced and qualified security practitioner, ideally with consulting experience. The Cyber Security Director will worth with and support the Partners in the development of new and existing relationships with clients.
The Cyber Security Director will be a trusted advisor to clients and carry out high-quality cyber programmes.
You will help clients with various levels of cyber maturity through their entire journey, from assessing and advising, to designing and building transformation programmes and specific security solutions, to implementing and managing security solutions, often alongside selected market leading vendors.
Experience & Background (not all essential):
- Security operations centre strategy, assessment, designing and implementing security operations centre strategy, governance frameworks over processes, controls, organisation and infrastructure to management cyber security
- Security transformation programmes – design and management of security operations solutions implementations and / or remediation programmes to address risks across security operations centres including AV, patching, secure build, vulnerability scanning & remediation, logging and monitoring, segregation, threat management, user awareness
- Security policies and procedures, design and implementation of security policies, procedures, standards and controls in Managed Security operation centres and in line with regulation and/or current standards, ISO27001, NIST, SANS etc
- Designing and delivering identity & access management programmes, including privileged access management (experience of key vendors in this area is an advantage)
- Breach and incident management, design and implementation of breach and major incident management practices within EMEIA/ global organisations
- Data protection & privacy, including data loss prevention, data and information classification and handling, UK, EU and other jurisdiction data protection regulations, specifically including GDPR
- Resilience, design and implementation of programmes to improve IT Disaster Recovery, Business Continuity within managed security operations centres and across the whole estate Security vendor relationship experience in Big 4 or other organisation in support of Managed Cyber as a service offering
- SOC – Industry experience of setting up, developing and implementing a commercial Security Operations Centre
- Incident Response – experience managing an IR team, designing IR programs, implementing IR within clients
- Cyber Threat Management – experience designing, implementing, and managing Cyber Threat Management frameworks and programmes
- Vulnerability Management - experience designing, implementing, and managing Vulnerability Management frameworks and programmes
- Cyber Testing - experience designing, implementing, and managing Cyber Penetration Testing programmes
- Threat Intelligence - experience designing, implementing, and managing Threat Intelligence programmes
- Experience in multiple Security Information Event Management Systems (SIEM)