Cyber Security Assessor (IT Background) at Evalian Limited

We are seeking to hire a Cyber Security Assessor with an IT background to join our growing team. 

The role is ideally suited for someone with at least 3 years of IT experience who wishes to transition into cyber security, and to benefit from relevant training and mentoring.  

You will work with clients to assess and help improve their security posture through activities including Cyber Essentials readiness analysis, assessment and auditing, security assurance activities and technically minded cyber security controls assessments and consultancy.

Evalian is an information and data protection consultancy business specialising in penetration testing, cyber essentials certification, security advisory and regulatory compliance. 

We are a Cyber Essentials certification body; CREST accredited for penetration testing and provide cyber security and related consultancy to a wide variety of organisations across multiple sectors. 

The Role

Working within our Cyber Security team, you will learn to assess, advise, and support clients to improve their security posture and cyber resilience. Specific activities will include (but not be limited to):

• Conducting comprehensive independent cyber security audits for our clients, evaluating the effectiveness of their security controls, policies, procedures and processes against industry and regulatory standards, guidelines, and best practices (e.g., CIS 18, NIST Cybersecurity Framework, ISO27002, NIS D etc).
• Supporting the delivery of threat and risk assessment engagements to help clients identify key threats and actors, key systems, vulnerabilities. Provide practical and prioritised recommendations to mitigate risks.
• Conducting Cyber Essentials gap analysis to assess client’s current cyber security stance and develop tailored remediation programmes to help clients achieve alignment to the control requirements defined in the NCSC’ Cyber Essentials Technical Control domains.
• Auditing organisations against the Cyber Essentials / Cyber Essentials Plus standards (once trained and certified).
• Supporting the wider security team to deliver the following activities as required:
  • Delivery of client vulnerability assessments and phishing / social engineering assessments using various tools.
  • Delivery of Incident Response planning and testing engagements (including tabletop and live play excercises).
  • Delivery of supply chain security risk management services including supplier assessment, risk identification, risk rating and remediation activity.
• Provide general cyber security advice and guidance to clients of various sizes, operating in multiple sectors and regulatory environments.

We will provide on the job support and fund external training for specific qualifications and skills (e.g., Cyber Essentials qualifications, CISSP, CISSM, CRISC, etc) as part of a development plan. 

The Person

The successful candidate will have at least 3 years (excluding periods of study) in an IT or IT security role and a strong interest in and a desire to focus on cyber security. Your IT experience should be in one of more of:

• IT Support or Engineering
• Network / Infrastructure Support or Engineering
• Cyber Security Support or Engineering

Ideally you will have experience in a client facing role, but this is not essential provided you are comfortable working with third parties and have good communication skills. You will also require excellent writing skills as report drafting is a key part of the job.

You will need to be a self-starter who will fill in gaps in your knowledge through continued professional development; and you will want to attain additional security qualifications, supported by your employer and be willing to commit some personal time for studying for these

The Package

The salary will depend on your qualifications and experience but will be in the range of £45,000 to £55,000 plus benefits. 

All employees get 25 days of annual leave per year (excl public holidays) and access to our pension scheme. Benefits include private medical insurance, dental cashback, optical cashback and life insurance cover. 

Location & Minimum Requirements

The role can be office based (Canterbury, Winchester or Worcester), home based or hybrid. With this in mind, we are happy to receive applications from candidates in any part of the UK provided you can work effectively from home and are willing to travel to client sites from time to time.  

If you are home based, you'll need to have a dedicated, secure, working area and reliable internet connection. We may request that you attend our offices or events from time to time for various purposes, but we’ll always provide you with advance notice. Travel expenses will be reimbursed. 

Agencies

We are not working with agencies at this time. Thank you.