Principal Consultant

Role: Principal Consultant

Division: Consulting & Implementation (C&I)

Summary of role

NCC Group provides Information Assurance consultancy to help businesses protect critical systems and information. We do this by defining security strategies, developing policies, conducting security maturity and risk assessments, architecture reviews and by delivering security awareness & training. We also provide security burst capacity to businesses to provide an on-demand cyber expert in the short, medium or long term to solve pressing business cyber orientated problems and challenges.

Our core services include:

• Strategy and governance                                  
• On-demand augmentation roles
• Data discovery and mapping                             
• Risk advisory and assurance
• Business resilience                                           
• Data privacy and GDPR ISO 27001 assessments                                   
• Supply chain assurance
• PCI, PIN, and 3DS                                           
• Incident response readiness and planning Card production
• audits                                      
• Cyber maturity assessments
• Incident response planning                                
• Gold/Silver/Bronze tabletops

Alongside our core services, we have a range of bespoke services to help organisations protect their systems and information:

• Risk mitigation assessments
• Security architecture review
• Security awareness and Training programmes
• Security policy development and adoption
• Cyber transformation programmes

We have a fantastic new opportunity to join our Spain Consulting and Implementation division for a Principal Consultant to play a leading role in the development of capability and team presence in the region. The ideal candidate will have extensive prior consulting experience and demonstrable commercial exposure within the cyber and assurance field, gained from delivering a diverse range of cyber and assurance services ideally across a broad client base. In addition to your technical skills, you will have strong client facing skills and be comfortable dealing with senior client stakeholders.

Key responsibilities

• Build and mentor a team of technically gifted and cyber aware consultants.
• Build and maintain sustainable trusted client relationships through high-quality delivery and business development activities.
• Conduct onsite and remote activities to advise, assess, analyse, and report in line with the engagement and client business requirements. This will involve meeting client stakeholders, conduct of documentation reviews, auditing technical solutions and systems as well as presenting information and advice to senior business partners.
• Translate the technical and non-technical findings from an assessment or exercise into relevant, actionable remediation road maps for customers.
• Responsible for adhering to all internal policy and procedures in relation to security and quality best practice.
• Engage heavily with Sales colleagues to identify and build an enviable client base.

Assist with sales proposals, bids and tenders for delivery of Assurance & Compliance services.

Requirements

Minimum Required Skills

• You will have working knowledge of core control frameworks, such as, NIST, SANS Top 20 CSC, ISO 27001, Privacy, NIS and CAF.
• Have experience of delivering risk assessments using common risk methodologies like ISO 27005, IRAM and FAIR.
• Have experience of common compliance standards such as PCI DSS.
• You are diligent and time conscious to deliver projects on time and in budget, and to a high level of customer satisfaction – exercising customer care at all times.
• Demonstrate a strong ability to develop a rapport with customers and to engender long lasting trusted relationships.
• Have strong business, consultancy and technical skills within the cyber security industry.
• Excellent communication, consulting soft skills and presentation skills.
• Exceptional written communication and reporting skills.

Desired Skills and Qualifications

Demonstrable capability and qualifications across multiple of the following technical areas is advantageous.

• SOC / SIEM assessments and tooling
• Identity and Zero trust
• Security design and architecture
• Operational Technology (OT)
• ISA 62443
• Artificial Intelligence
• Cloud related certifications across AWS/GCP/Azure
• CISM / CISSP / CRISC / ISO 27001 LI/LA / CISA

Ways of working

Focusing on Clients and Customers.

Working as One NCC.

Always Learning.

Being Inclusive and Respectful.

Delivering Brilliantly.

Our company

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.

Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

Come join us?

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:

⏰Flexible working

💸 Financial & Investment

Pension

Life Assurance

Share Save Scheme

Maternity & Paternity leave

🙋🏾Community & Volunteering Programmes

⚡ Green Car Scheme

🚴 Cycle Scheme

🧑🏻‍🤝‍🧑🏻 Employee Referral Program

🧘🏻 Lifestyle & Wellness

🎓 Learning & Development

👨🏿‍🦽 Diversity & Inclusion

So, what’s next?

If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and cover letter and the relevant member of our global talent team will be in touch with you. Alternatively send your details to global.ta@nccgroup.com .

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.