Job Description

###

About The Role

We are actively building diverse teams and welcome applications from everyone.

Role:

Principal Cyber Security Consultant

Location:

Birmingham

(SCC operate hybrid working, which comprises of a mix of office and home working)

Contract Type:

Permanent

Salary Package:

90,000 -

110,000

plus large company benefits, a broad flexible benefits scheme, and 2 paid-for volunteering days a year

Hours:

9.00 am - 5.30 pm, Monday - Friday

Interview Process:

2-stage process

Why SCC?

An inclusive workplace Excellent package: solid basic and company benefits Hybrid working & core hours in line with role requirements Career development and life-long learning opportunities Opportunity to join Europe's largest privately-owned IT Company

Role purpose:

The security landscape is changing which in turn is bringing new challenges and opportunities. The ability to support customers directly or through our services is critical to the ongoing success and reputation of the SCC business as a Managed Security Service Provider (MSSP).



Focussed on Cyber Security Advisory and GRC (Governance, Risk, and Compliance) the role holder will be responsible for managing and executing consultancy activities. The role will cover information security advisory and compliance across privacy regulation, and cybersecurity, including but not limited to, ISO27001, NIST, and CAF.



The Principal Cyber Security Consultant will be the subject matter expert leading project teams and liaising with other personnel to achieve customer requirements.



The successful candidate will demonstrate a passion not only for technology and technical solutions but also for people and relationships, building these both internally and externally to the organisation.


Continually looking for opportunities to evangelise on behalf of SCC to grow our reputation and increase our customer base.

Security clearance or the willingness to apply will be required for this role.

Key responsibilities:

Lead with a consultative approach engaging with customers and/or internal teams to advise of the best solution and work very closely with our customers to build strong long-term relationships, always seeking to become a 'trusted advisor'. Define and implement the consultancy framework (focussed on GRC) to be adopted within SCC to meet the needs of our customers. Develop client policies and procedures that comply with corporate and regulatory standards. Staying up to date with relevant laws, regulations, and industry standards affecting customers and adapting our service offerings to be current. Provide educational sessions to our sales teams on compliance requirements, risk management, and governance principles and how our services can help their customers. Have or build a significant web presence utilising tools such as LinkedIn and Vendor events to grow the reputation and visibility of SCC. Work collaboratively across SCC to further define our product set, enable go-to-market Cyber Security Advisory and GRC services through the design and implementation of service collateral for sales and delivery teams as required. Providing guidance to clients on technical and operational security measures designed to help defend against cyber threats. Work with the delivery and pre-sales teams to ensure technical sign-off of operational documentation and suggesting improvements as applicable. Act as mentor and provide support to colleagues across the technical teams. Supply technical and strategic input for ongoing development of portfolio and to bids, solutions, and RFP documents. Input to the architecture direction for SCC Cyber ensuring solutions will meet client and operational deliverables. Engage with the wider SCC sales teams to make them fully aware of our capabilities and expand our pipeline. Identify skills gaps and define resource requirements as necessary to build capability and resilience to deliver cybersecurity advisory and GRC service offerings.

Skills and experience:

Open minded approach to any challenge with a determination to succeed and the ability to listen, identify and accurately playback requirements to various stakeholders. Solid grasp of information security requirements and capabilities across different industries. Ability to guide engineering teams through the deployment where required; ability to write and review reports, procedures, and standards. Familiarity and demonstratable experience with Cyber Security Standards of Regulatory Frameworks such as NIST, NCSC CAF, NIS, ISO, and PCI. Awareness of working with Detect and Respond Security technologies such as SIEM, EDR, MDR, and XDR. Demonstrable understanding of technical and Information Security configuration and controls across multiple technologies such as Cloud, Firewalls, Anti-Virus, Encryption, IDS/IPS, RAS, MFA (Multi Factor Authentication), MS Directory Services, Exchange, VMWare, Citrix/VDI, Networking, database and storage technologies. Ability to guide engineering teams through the deployment where required; ability to write and review reports, procedures, and standards. Awareness of common exploits and vulnerabilities and how these may be prevented. Ideally hold or be working towards recognised Information Security qualifications (e.g., CISSP (Certified Information Systems Security Professional), CISM, ISO 27001 Lead Implementer, CISSP ISSAP). ###

About Us

SCC is Europe's largest privately-owned IT business, based out of the new 7m HQ office in Birmingham and we help clients succeed through IT transformation and exceptional customer experiences. We are a business where innovation is greater as we combine unique ideas, people and disciplines. We are a global company that is passionate about IT and where we look to simplify the complex.

We are an equal opportunities employer

SCC is committed to providing equal opportunities and a proactive and inclusive approach to equality and diversity in employment. No applicant or employee will be treated less favourably than another on the grounds of a protected characteristic which are defined as sex, sexual orientation, age, disability, gender reassignment, trade union membership or non-membership, marriage and civil partnership, pregnancy and maternity, race and religion or belief.

If you are selected for interview, and need any reasonable adjustments made for your interview, please let the SCC Talent Acquisition team know, at the point of scheduling.

Diversity & Inclusion at SCC -

https://www.scc.com/diversity-and-inclusion/

Sustainability at SCC -

https://www.scc.com/sustainability-at-scc/

Life at SCC

-

https://www.linkedin.com/company/scc/life