Senior Security Consultant

About The Role

All Senior Security Consultants

• Deliver a range of Cyber Practice function service offerings in line with employee’s capabilities
• Lead complex customer projects across the range of Cyber Practice function service offerings in line with employee’s capabilities
• Perform QA (Quality Assurance) reviews of customer reports as necessary
• Assist with pre/post sales activities as required
• Provide technical mentoring to other colleagues delivering the same services
• Maintain excellent communication with customers
• Maintain excellent communication and collaboration with internal teams to support Claranet in meeting its vision
• Keep up with industry trends, emerging threats, and technological advancements to effectively address new challenges and technologies
• Service delivery on customer sites as required
• Assist with the development and growth of the Cyber Security function’s services offerings
• Assist with the development of cutting-edge training material for internal and external delivery
• Deliver training, webinars, and seminars
• Contribute to the writing and publishing of whitepapers and advisories
• Fulfilling any re-certification requirements

• Perform a range of PCI DSS consultancy covering the Cyber Practice function’s range of PCI QSA service offerings consisting of, but not limited to:
  • cardholder data environment mapping exercises
  • gap analysis
  • assisted SAQ submissions
  • Report on Compliance (ROC) assessments
  • general PCI QSA consultancy
  • de-scoping recommendations/advice
  • architecture reviews
  • internal Report on Compliance (ROC) assessments

• Perform a range of ISO 27001 consultancy covering the Cyber Practice function’s range of ISO 27001 service offerings consisting of, but not limited to:
  • understanding the organisations
  • ISMS risk management introduction
  • asset identification
  • risk assessment
  • ISMS management
  • risk treatment
  • internal audit
• Strong experience with undertaking risk assessments.

• Customer Experience and Managed Services – ensure we are consistently providing the best service to our customers, proactively monitoring their needs, and integrating their feedback into our future portfolio and propositions.
• Customer Success and Growth – ensure that the portfolio is up to date, meets customer needs, enables cross and up selling, and provide pre-sales support when required.
• Portfolio, Alliances & Technology Practices – support efforts to embed Cyber Practice function services into customer solutions.
• Finance & Corporate Development – submission of any work-related expenses.

About You

Behavioural competencies – organisational and behavioural fit

• Customer facing, able to represent Claranet confidently and professionally
• Willing to travel to deliver onsite work as required
• Ability to identify and work with colleagues to deploy improvements to delivery processes
• Self-motivated and able to work in an independent manner as well as part of a dynamic team
• Excellent written and oral communications skills
• Excellent attention to detail
• Good numeracy and organisational skills
• Positive, collaborative, and enthusiastic

• One or more industry recognised qualifications; i.e. CISSP, CISM, CISA, ISO 27001 Lead Auditor, PCI QSA, etc.
• Extensive experience leading own security consultancy projects/assessments/audits
• Aptitude for understanding, interpreting, and applying objective standards to specific responses
• Working under pressure of deadlines and structuring workload accordingly
• Problem-solving, helping others to understand complex ideas
• Providing advice and guidance in customer-facing situations
• Ability to work to tight deadlines, prioritise and manage workload
• Deep knowledge and understanding of security technologies
• Deep knowledge and understanding of networking
• Ability to quickly learn and understand new skills and technologies specific to the Cyber Security industry
• Take own initiate to expand information security knowledge
• Ability to write concise, accurate and timely reports
• For QSA consultants:
  • Extensive experience completing PCI DSS consultancy projects and assessments
  • Extensive experience completing complex ROCs
• For ISO 27001 consultants:
  • Extensive experience leading ISO 27001 consultancy projects, assessments, and audits
  • Extensive experience completing internal or external audits
  • Extensive experience conducting risk assessments

• Experience leading audits/assessments against security framework (i.e. ISO 27001, PCI DSS, Cyber Essentials)
• GDPR Experience
• SOC 2 Experience
• NIST Experience
• Full UK driving license (for UK recruitment)
• Experience managing client projects
• Information security consulting experience

About Us

About Claranet

Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.

At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.

We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.

In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.

Working For Claranet

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms, and app supported benefit access.

But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce. We are also very proud members of Tech Talent Charter, a government supported, industry-led membership group created to address the UK’s tech talent shortage and diversity gap through collective action.

Our Vision

Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.

Cyber Practice

Claranet’s Cyber Practice is dynamic and fast-moving, delivering a comprehensive range of professional services and managed services both onsite and remotely. The Cyber Practice consists of highly skilled professionals delivering a myriad of offensive security testing and governance, risk, and compliance (GRC) services in support of Claranet’s vision. Taking a customer first approach, Claranet’s Cyber Practice prides itself in providing world-class services designed to meet the specific and individual needs of all customers, across all industries.

Position Summary

As a Senior Security Consultant working within the Cyber Practice, your primary role, based upon your competencies, experience and certifications, will be delivering a variety of GRC (Governance, Risk and Compliance) services to customers. GRC services will include, but not limited to; threat modelling, business impact assessment, security reviews and risk assessments, PCI DSS related consultancy, ISO 27001 consultancy and auditing, ASSURE Auditing, Cyber Security Assessments, Policy & Procedure reviews, and data protection consultancy. You will compose your findings into a concise report and interact closely with customers to help articulate advice and guidance contained within the final reports.

You will also be expected to assist in the development of new service offerings and maintaining existing services to ensure Claranet continues to deliver cutting edge consultancy meeting client expectations and needs in support of Claranet’s vision. Working within other GRC areas may also be expected as new service offerings are developed.

Role Mission

Claranet UK’s strategy is to build long-term, trusted relationships with its customers by delivering market-leading, integrated managed services. We are seeking a security consultant to deliver high-quality security services to meet the needs of our customers and to contribute to the continued development of our market-leading portfolio designed to meet the growing and diverse needs of our customers.

Objectives and Key Results

The Senior Security Consultant is part of the Cyber Practice.

The key objectives and results will be to:

• successful delivery of Cyber Practice function service offerings in line with employee capabilities, experience, certifications, and training/mentoring
• provide, ongoing support and mentoring of the GRC team
• ensure customer satisfaction by delivering Cyber Security function’s services to a high-quality standard, meeting customer’s needs
• support a knowledge sharing culture between team members
• play an active role in Claranet’s efforts in service development, improvements, and optimisation
• support cross-function collaboration to facilitate effective communication and collaboration between Claranet stakeholders to help Claranet meet its vision