Principal Cyber Security Consultant (Senior Manager)

Savanti is a practitioner-led consulting firm with unrivalled expertise when it comes to cyber security. We remove the fear, uncertainty and doubt associated with cyber risk allowing our clients to get on with what they do best.

Our clients range in size from innovative start-ups to the largest global organisations, with many household names across industries including banking, insurance, retail, energy, manufacturing, sport and education. They are predominantly UK-based but we also have clients throughout Europe and as far away as Japan.

Help us push the boundaries of current security thinking and challenge the status quo.

We offer a competitive package and the opportunity to quickly grow your responsibilities with an accelerated career path.

We are an absolute meritocracy and will generously reward those who make a positive difference to our business.

Key Accountabilities

We are currently expanding our client-facing teams to meet the demands of our growing client base and are looking to recruit a Principal Cyber Security Consultant.

The Principal Cyber Security Consultant will influence and inspire our clients’ information security programmes; take on leading roles at client organisations to improve their security posture; and oversee our larger project teams in the delivery of complicated technical security engagements. This might include:

• Designing reference security architecture
• Developing and implementing vulnerability management programmes
• Advising clients on leveraging native cloud security capabilities
• Assisting client with the specification and selection of security tools
• Leading cyber security assessments across a range of clients
• Taking on client CISO, or equivalent, roles
• Developing services for Savanti to take to clients
 

A general, and fundamental requirement for all our staff is that they share the following two key qualities: they are great in front of clients, and they bring demonstrable subject matter expertise.

We strongly value ambition, self-motivation and an entrepreneurial streak and we appreciate the benefits which can be brought to the company by consultants with varied experience, gained from a wide range of career and educational paths.

Experience

• Demonstrable experience of managing information security improvement across a range of technical domains including infrastructure and network security, threat and vulnerability management, and secure software development
• Demonstrable experience of developing and implementing secure solution architecture for hybrid-cloud and/or cloud-first client environments
• Demonstrable experience of defining architectural principles, standards, and roadmaps to support business objectives
• Significant experience of successfully working with large organisations is a must
• Excellent stakeholder management and influencing skills
• Excellent presentation and communication skills
• Experience of working with a wide range of information security related toolsets

Demonstrable and extensive expertise in at least four of the following areas:

• Secure software development lifecycle (S-SDLC) implementation
• DevSecOps and Agile security
• Identity and access management
• Microsoft 365 security architecture
• Security incident response and vulnerability management
• Network security including network firewalls, intrusion detection and prevention
• Cloud security architecture including native AWS, Azure, Google Cloud, and Kubernetes capabilities
• Web application firewalls and proxies

Qualifications & Certifications

Appropriate industry qualifications and certifications such as MSc InfoSec, CISSP ISSAP, CRISC, SABSA etc. are beneficial but experience, and attitude, is what we really look for.

Successful candidates for this position will be subject to a DBS check.

Savanti are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.

At Savanti, we source candidates directly and are not looking to engage with any agencies. We do not accept or pay fees for any unsolicited emails or speculative CVs that are submitted to our employees