Overview of Company
Ascentor specialises in independent cyber risk management. We view information security as a powerful business enabler. As part of the Amtivo Group, we specialise in independent information and cyber security consultancy.
Who are we looking for?
The CECSA is accountable through the business cycle for, supporting the HTA and Business Development teams in pre-sales activities.
Scoping, managing and delivery of Cyber Essentials and Cyber Essentials Plus assessments for clients through to completion.
- Maintaining and extending relevant knowledge and qualifications required to fulfil the role.
- Maintaining a high quality of testing and reporting skills required.
- Achieving and maintaining qualifications to deliver the VA and SOC service.
- Successfully monitoring and maintaining all IT systems and equipment.
- Supporting the development and delivery of Ascentor IT change projects.
Role Overview
This exciting opportunity is for an initiative-taking person to join our expanding Technical Assurance Services team in delivering.
- Cyber Essentials (CE) & Cyber Essentials Plus (CE+) Assessments.
The role also offers the applicant the opportunity to widen their skills by participating in Cyber Security Health Checks (Penetration testing) and working within our Cyber Security Operations Centre analyst team to monitor and respond to incidents in customer infrastructure.
Core Responsibilities
Delivering:
- Operate a first-hand role involving the delivery of guidance, support, and assessment of Cyber Essentials and Cyber Essentials Plus standards to clients to help them achieve Cyber Essentials certification and protect their businesses.
- Foster and maintain relationships with key stakeholders and business partners.
Planning:
- Work with sales teams and customers to define scope.
- Maintain knowledge of the latest changes to Cyber Essentials Standards.
- Attend monthly Cyber Essentials webinars online.
- Assist in developing new service lines.
- Mentoring junior colleagues.
Reporting:
- Produce accurate and timely assessments and reports based on scope for customers.
- When required provide data for internal reporting.
Resourcing:
- Support teams across the Amtivo Group as appropriate for business development activities.
- Support the relevant teams across the Group to understand and maintain the delivery of CE/CE+ audit requirements.
Training:
Undertake self-learning/official training and exams to maintain qualifications for the following :
- CE/CE+ Lead Assessor
- Maintain CRT or CSTM qualifications
- Tenable I/O Vulnerability Management
- Cyber Security Operations Centre Analyst
- Achieve AlienVault Certified Security Engineer (ACSE) qualification.
Competencies
- The ability to work autonomously and as part of a team.
- Communicate clearly and effectively across all levels with internal and external stakeholders.
- Ability to problem solve and offer solutions.
- Ability to plan, manage and deliver on a variety of tasks and projects.
- A minimum of 3 years experience in IT/Cyber (excluding training)
Technical Competencies
- Experienced in delivering Cyber Essentials and Cyber Essentials Plus engagements as a lead assessor.
- Proficient in using security testing and auditing tool such as NESSUS Pro, Nmap, Metasploit Kali, TENABLE I/O etc.
- Experience with Windows, Unix/Linux and Mac-based operating systems., as well as knowledge of network and server monitoring.
- Knowledge and Experience of penetration testing and vulnerability management principles and methodologies.
- Strong analytical and critical thinking skills, with the ability to manage multiple tasks.
- Good understanding of Cloud services and their distinct types of IaaS, SaaS, and PaaS.
Beneficial Competencies:
- Good knowledge of Information Security technologies; NIDS/IPS, HIDS, WAF, Firewalls, content filtering, Vulnerability Management
- Experience working within a SOC as a Security Analyst.
- Good knowledge of Advanced Penetration Testing techniques and methodologies.
- Knowledge of Vulnerability Management platforms such as Tenable I/O
- Good knowledge of Cyber Security Standards and Frameworks such as ISO 27001, NIST or NCSC Cyber Assessment Framework.
Success Criteria:
- Be a qualified and experienced Cyber Essentials and Cyber Essentials Plus assessor or
- Hold one or more of the following qualifications which must be current.
- CREST Registered Penetration Tester (CRT) – Preferred
- Cyber Scheme Team Member (CSTM)
- Offensive Security Certified Professional (OSCP)
And
- Be seeking to enhance their knowledge and skills by attaining one or more of the following certifications.
- CREST Certified Web Application Tester – Preferred
- CREST Certified Infrastructure Tester
- Cyber Scheme Team Leader (CSTL) qualification
- Must be initiative-taking and can work independently where required.
- Demonstrate a commitment to not only expanding their knowledge and skills but also a willingness to mentor less experienced colleagues.
- Seek to expand knowledge and expertise by supporting other core services within our Technical Assurance Services.
Qualifications/Experience
Essential:
- 3 years experience as a CE/CE Plus assessor.
- CREST Registered Penetration Tester (CRT) – Preferred or Cyber Scheme Team Member (CSTM).
Desirable:
- CREST Certified Infrastructure Tester- Preferred or Cyber Scheme Team Leader (CSTL).
- IASME Cyber Assurance Assessor.
- Cyber Essentials and Cyber Essentials + Auditor.
- HND in IT-related discipline (or equivalent).
- Secure configuration/auditing of Cloud Services (AWS, Microsoft 365, Microsoft Azure).
- Good knowledge of Cyber Security Standards and Frameworks such as ISO 27001, NIST, CIS.
Miscellaneous
Full UK Driving License.
Eligible to work in the UK.
SC Clearance or willingness to undergo.
Location
Home-based role with travel to customer sites as required and occasional visits to the office as required as discussed with line manager.
How to Apply
