Cyro Information Assurance Consultant (GRC)
Location: Hybrid/Home
Type of Job: Permanent
Ref No: V11565
Cyro Cyber is looking for an enthusiastic team player to grow their Information Assurance career working on some projects of significant national interest.
Role Profile
Here at Cyro, we provide skilled experts to help our clients build cyber security and information assurance capabilities through pragmatic consultancy. This role will be a client-facing position helping to implement compliance regimes or controls to secure their organisations while learning from Information Assurance and Cyber Security experts.
We complete engagements for a variety of customers across Finance, Legal, Healthcare, Sport/Leisure, Critical National Infrastructure, Government, etc. The vast majority of work takes place in the UK, though some international travel may be required. The work is varied, with engagements ranging from 5-day projects to long-term placements. This is an ideal role to broaden experience and grow within one of the UK's most exciting cyber security consultancy organisations.
The role of Information Assurance Consultant is ideally suited to a person with experience in information security, either internally or as a consultant with a few years' experience, ready for the next step.
The role of IA Practitioner aligns with CCP/ SFIA Level 3.
Responsibilities:
You will be delivering services to clients across the wider Governance, Risk, and Compliance landscape, working independently or as part of a team. The successful applicant must be comfortable taking responsibility for their own time and quality of work.
As an Information Assurance Consultant, you will be:
Delivering readiness assessments to various clients against one of the many international frameworks or standards.
Advising and implementing remediation programs.
Conducting security risk assessments and technical architecture reviews.
Interpreting and applying appropriate standards, policies, and legislation (e.g., DORA, ISO, NIST, CE/CE+, CAF, etc.).
Assisting with the continual implementation and improvement of governance procedures within business units while adhering to central processes.
Supporting business units with conformance and compliance to International or de facto Standards, and re-certifications.
Leading projects to develop the cyber security service offering of the organisation.
Horizon scanning to identify and prepare to deliver services to meet clients' future requirements, adapting to emerging threats, trends, and industry best practices.
Developing strong professional bonds with clients and securing total confidence in you and Cyro to deliver exemplar services and solutions to their business needs.
Requirements:
Experience and knowledge to apply NIST, CSF, Cyber Essentials/CE+, TSA, ISO standards, and frameworks.
Experience in various risk methodologies.
Experience in Third-Party Risk Management.
Experience in Data Privacy.
Strong knowledge and experience in IT security.
Security qualifications such as CISSP, CISM, CompTIA CASP+.
A high standard of report writing.
Strong interpersonal and communication skills.
The ability to advise on regulatory and compliance matters.
Experience in ISO 27001, 27701, 22301, Operating Technology (OT) or other standards/frameworks, CISA is an advantage.
Eligibility for Security Clearance (successful appointment will be subject to being granted Security Clearance).
Excellent Employee Benefits:
Cyro is committed to ensuring that we offer industry leading career opportunities, salary and benefits packages. Join us and you can expect to receive:
· 26 days holiday, including public holidays, plus the option to buy or sell five days each year
· Company pension scheme
· A range of family friendly policies
· An employee-funded car leasing scheme
· Occupational health support
· Cyro Rewards Scheme
SFIA 3 Head line definition:
Autonomy - Works under general supervision. Uses discretion in identifying and resolving complex problems and assignments. Specific instruction is usually given and work is reviewed at frequent milestones. Determines when problems should be escalated to a higher level.
Influence - Interacts with and influences department/project team members. Frequent external contact with customers and suppliers. In predictable and structured areas may supervise others. Decisions may impact work assigned to individual/phases of project.
Complexity - Broad range of work, sometimes complex and non routine, in variety of environments.
Business skills - Understands and uses appropriate methods tools and applications. Demonstrates analytical and systematic approach to problem solving. Takes initiative in identifying and negotiating appropriate development opportunities. Demonstrates effective communication skills. Contributes fully to the work of teams. Can plan, schedule and monitor own work (and that of others where applicable) competently within limited time horizons and according to health and safety procedures. Is able to absorb and apply new technical information. Is able to work to required standards and to understand and use the appropriate methods, tools and applications. Appreciates wider field of information systems, how own role relates to other roles and to the business of the employer or client.
So why choose Cyro for your next opportunity?
· To build, run and maintain a successful compliance programme, you need a connected approach – a team you can trust from strategy to support, and everything in between. At Cyro, this is what we do!
· As part of our team, you could be working with some of the biggest names in the Critical Nation Infrastructure and Service Provider sectors including London Underground, Network Rail, Transport for London, RNLI, MOD and Virgin Media. You’ll help us ensure the most important messages get through – however tough the conditions.
· Here are just some of the ways we’re different:
o You’ll go further with us. We understand the importance of career development and will give you all the support you need to realise your potential. You’ll receive formal training, e-learning and mentoring from top professionals. And we offer opportunities to transfer to other sectors – or even different technology areas.
o You’ll make a difference. You could be working outdoors, battling the elements, or in one of our many offices helping us develop the network infrastructures of tomorrow.
o You’ll be treated as an individual. We’re not a vast corporation, which means every individual counts. With us, you’ll be valued and supported, involved and empowered from day one.
o You’ll be well rewarded. We offer salary progression that reflects market rates and personal performance, a flexible working environment and excellent training.
We reserve the right to close this vacancy once we have received sufficient applications.
Cyro is an equal opportunities employer and is committed to diversity and inclusion.