Cyber Security Associate - Southampton
PwC's Cyber Security Practice is seeking to recruit several cyber security professionals to work with one of our major clients based in Southampton.
You will work to help build Cyber Security into their organisations on both Enterprise and Technical levels, using and further developing PwC’s Security Architecture Framework and Methodology, tailored to meet the individual client needs.
We have a number of different roles detailed below:
- Technical Quality Managers
- Service Manager
- People& Culture Change Senior Associates
- Security Manager
- Risk Manager
Duties and responsibilities:
Enterprise Security Architecture
Assessment - to determine the strength of the foundations for security within organisations and to ensure that their vision, strategies, processes, people and technologies are aligned and organised effectively to optimise Cyber Security in support of their business goals.
Design & Implementation – to design and build security into organisations from ‘top to bottom’ so that it can be justified, and from ‘bottom to top’ so that it can be seen to be complete.
Technical Security Architecture
Assessment – to determine the strength and appropriateness of technical designs in mitigating relevant Cyber threats.
Design & Implementation – to formulate & communicate new architectures and demonstrate their suitability in mitigating relevant
Security Leadership & Management – planning, managing and organising the delivery of Security Architecture to clients. Assisting with the development of the Security Architecture Practice within the firm.
Security Transformation (and Security in Transformation) – working in large scale transformation programmes, building their capability to assess and design Cyber Security.
Communication & Influencing – working with senior stakeholders, utilising Security Architecture methods and collateral to influence their decisions.
Desired Experience & Qualifications:
- A track record of previous Cyber Security consulting experience, working on complex business-facing client problems.
- Experience of industry standard Architectural Methodologies and Frameworks such as SABSA and TOGAF.
- Experience of relevant technologies (such as Networks, LANs and WANs, Servers & Hosting, Virtualisation, Applications, Identity Management etc.) and how to securely implement them.
- A sound understanding of how to model threats & risks as well as the controls necessary to mitigate them, on both an organisational and technical level.
- An understanding of how business strategy, risk, regulation and technical constraints influence organisational responses to cyber security.
- Excellent communication skills – both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate findings succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client’s needs).
- Experience of business development or sales, including leading bid teams, and experience of writing winning proposals and RFP responses.
- Cyber Security related qualification(s) such as CISSP, CISM, CREST Technical Security Architect, ISO Lead Auditor etc
- An understanding of security methodologies, best practice and industry standards
- Experience in risk & regulatory frameworks and standards such as NIST 800, ISO 27001, ISF SOGP, PCI-DSS etc