Information Security Consultant

North builds stronger networks and creates smarter places. Our intelligent technology solutions and robust network infrastructures transform the way people, places, and organisations work. And we focus our expertise on working in three specialist sectors: public services, enterprise & data centres, and defence & justice.

Our people are industrious and inventive. We collaborate closely with our clients to understand their unique needs and challenges and take pride in delivering impactful solutions that make their environments better connected, simpler to manage, safer to be in, and more efficient to run.

The work we do at North is pioneering and fun. We build meaningfully, we think bigger, and we always advance. Our diverse range of customers and services make every day different. We always look at things from the customer’s point of view. Our values are know your craft, know your colleagues, know your customers and know how to connect.  At North, we know and value the power of connecting people, skills and technologies in new and exciting ways.

North is looking to appoint a customer facing Information Security Consultant.

The successful candidate will be responsible for ensuring the cyber & info security integrity of North’s customer deployments and for working with North’s major customers to assess and, where required, improve the cyber-security robustness where their IT and OT deployments are converging onto common networks and platforms – particularly where these are adjacent to North’s solution deployments.

This role requires a cyber security subject matter expert with a deep understanding of current and emerging cybersecurity threats and how to mitigate them – particularly in the arena of Operational Technologies – through the application of technology, process and risk assessment.

In addition, the candidate should have understanding, and experience, in the application of NCSC best practice and UK government accreditation frameworks including Cyber Assessment Framework and Secure by Design. 

Finally, the candidate must have excellent consulting, stakeholder management and communication skills, with demonstrable experience of applying these skills internally and in customer facing environments

Note: Accountability for internal cyber-security lies with North’s Head of IT

RESPONSIBILITIES

This new role will involve working with the product team and other technical leaders and experts, developing and implementing a cyber security strategy and framework against which North’s portfolio of services and solutions can be developed and deployed. The role will support North’s three sectors: Defence & Justice; Public Services; Datacentre & Enterprise.

The successful candidate will have 4 main responsibilities

• Develop, and continually enhance, North’s customer-facing cyber security framework which will be compatible with “Secure by Design” and CAF (Cyber Assessment Framework) principles, and any other relevant regulations and industry standards, namely

• Clear responsibility for cyber security risk
• Source secure technology products
• Adopt a risk-driven approach
• Design usable security controls
• Build in detect and respond security
• Design flexible architectures
• Minimise the attack surface
• Defend in depth
• Embed continuous assurance
• Make changes securely

• Ensure and assure that North’s customer deployments comply with North’s  cyber security framework, with industry regulations and with any customer security accreditations & requirements – including GDPR, ISO27001 and Cyber Essentials plus
  • With particular focus where North’s solutions integrate with North’s IT systems, supplier IT systems, customer IT systems & corporate networks

• Lead customer-facing cyber-security audit &/or assurance exercises together with any follow-up programmes
  • These will typically focus on the deployment of customer Operational Technology solutions &/or IT or OT that is adjacent to North’s solutions

• Work as a core pre-sales member of selective large &/or strategic bids ensuring that customers’ tender requirements relating to cyber-security are fully understood and addressed, and that customers’ fully appreciate the focus and importance that North places on cyber-security

To succeed in the role, the following skills, knowledge and attributes are key: 

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field 
• Professional certifications such as CISSP, CISM,NCSC CCP or CCISO are highly desirable 

• Extensive experience in information & cyber security with demonstrable experience working with Operational Technology + Information Technology
• Strong knowledge of cybersecurity frameworks, standards, and best practices: experience applying Secure by Design &/or Cyber Assessment Framework is highly desirable
• A strong & demonstrable understanding of how to combine technology, policy & process, risk management and user education in order to minimise cyber-security risks

• Excellent problem-solving, analytical, and process focused skills set.
• Strong communication, interpersonal and senior stakeholder management skills

North rewards employees with a competitive market salary and an excellent benefits package and offers fantastic opportunities for progression throughout the company. Further details of package on offer will be discussed at application stage. North is an equals opportunity employer, we celebrate diversity and are committed to creating an inclusive environment for all employees.