Information Assurance Practitioner

  • Location: Fleet Street, London

  • Working Pattern: Hybrid (3 days in office)

  • Job Type: Permanent

  • Start date: ASAP

The Vacancy:

The Information Assurance Practitioner role is designed for individuals looking to solidify their existing experience and knowledge of information assurance and cyber security. This position involves delivery of engagements to clients implementing and maintaining robust security practices.

The ideal candidate is a person seeking progression from an entry level role, with suitable practical experience within cyber security. Strong communication skills, proven experience with various national or international Standards and Frameworks, a commitment to excellence in client satisfaction, adaptability and a willingness to learn.

This role suits candidates seeking a challenge and further development, working within an incredibly professional, diverse and experienced team. Previous incumbents have progressed from this position to Senior or Principal level roles in consultancy, or management level positions internal to various organisations.

Responsibilities:

Governance, Risk and Compliance

Delivery of client engagements, including:

  • Cyber Security Maturity Assessments

  • Risk Management (Design, assessment and implementation against various frameworks)

Regulatory or Standard specific consulting:

  • ISO 9001, 22301, 27001, 27701,42000

  • Government: TSA, NIS, CAF, DORA, CRA

  • NIST: 800, CSF

The successful candidate may also be involved in:

  • Virtual CISO engagements

  • Incident Response Exercising

  • Third Party Risk Management

Internal Compliance and Security

Support the Cyro Cyber CISO and Internal Compliance team in delivery of their duties, to include:

  • Ensure compliance of services with relevant regulatory standards and frameworks (CREST SOC, ISO27001, Cyber Essentials, PSN, CAF, NIST, ISO9001, ISO2000).

  • Response to Supplier Due Diligence Activity.

  • Maintain overall security posture.

Client and Stakeholder Engagement

Collaborate with clients to identify their cybersecurity needs and deliver desired services solutions.

Support sales and marketing teams by contributing to content or events.

Technology and Innovation

Contribute to internal and external campaigns to improve Cyro Cyber’s Service Offering.

Contribute to automate and streamline processes for greater efficiency.

Personal Specification

  • Enthusiasm for Cyber Security.

  • Attention to detail and the ability to produce reports and presentations to a high standard.

  • Strong communication skills.

  • Strong analytical and problem-solving mindset.

  • Good relationship management skills.

  • Must take pride in their work.

Essential Skills and Experience

  • Experience assessing compliance against or implementing cyber security frameworks, methodologies, and best practices.

  • Strong knowledge and experience of IT Security.

  • Experience in assessing or implementing Governance within organisations.

  • Strong understanding and experience in a variety of Risk methodologies.

  • Eligible for Security Clearance (successful appointment will be subject to being granted Security Clearance)

Desirable Skills and Experience

  • Academic qualifications or certifications relating to cyber or information security.

  • Experience working in highly regulated environments or industries.

  • Experience working with or for the Emergency Services Network (ESN).

  • Experience working with or for Critical National Infrastructure.

  • Professional Registration under a relevant UK Cyber Security Council specialism.

  • Understanding or experience in Incident Response Exercising.

  • Familiarity with tools used for governance, risk management, and compliance (such as GRC software).

  • Knowledge or experience relating to Operational Technology or IEC 62443.

  • Experience of security requirements for 4G/5G mobile networks (voice, voice PTT and data)

  • Authoring and assessing code of connection documentation

  • Crypto / Crypto custodian experience

  • Business Continuity and Disaster Recovery experience in a Critical National Infrastructure environment

  • Previous experience operating with Developed Vetting (DV)

So why choose Cyro Cyber for your next opportunity?

To build, run and maintain a successful compliance programme, you need a connected approach – a team you can trust from strategy to support, and everything in between. At Cyro Cyber, this is what we do! As part of our team, you could be working with some of the biggest names in the Critical Nation Infrastructure and Service Provider sectors including London Underground, Network Rail, Transport for London, RNLI, MOD and Virgin Media. You’ll help us ensure the most important messages get through – however tough the conditions.

Benefits:

Cyro Cyber is committed to ensuring that we offer industry leading career opportunities, salary and benefits packages.

Join us and you can expect to receive:

  • 26 days holiday, including public holidays, plus the option to buy or sell five days each year

  • Private Medical Insurance

  • Company pension scheme

  • A range of family friendly policies

  • An employee-funded car leasing scheme

  • Monthly social events

  • Company away days

  • Cyro Rewards Scheme

Here are just some of the ways we’re different:

  • You’ll go further with us. We understand the importance of career development and will give you all the support you need to realise your potential. You’ll receive formal training, e-learning and mentoring from top professionals. We offer opportunities to transfer to other sectors – or even different technology areas.

  • You’ll make a difference. You could be working outdoors, battling the elements, or in one of our many offices helping us develop the network infrastructures of tomorrow.

  • You’ll be treated as an individual. We’re not a vast corporation, which means every individual counts. With us, you’ll be valued and supported, involved and empowered from day one.

  • You’ll be well rewarded. We offer salary progression that reflects market rates and personal performance, a flexible working environment and excellent training.

Cyro Cyber align with the Skills Framework for the Information Age (SFIA) Standard. This role aligns with a SFIA level 3, representing the following impact, responsibility and accountability.

"Performs varied tasks, sometimes complex and non-routine, using standard methods and procedures. Works under general direction, exercises discretion, and manages own work within deadlines. Proactively enhances skills and impact in the workplace."

Cyro Cyber is an equal opportunities employer and is committed to diversity and inclusion. We reserve the right to close this vacancy once we have received sufficient applications.