Senior Security Consultant - Compliance and Strategy
Madrid – Hybrid
Thanks for checking out our role; we’re excited you want to know more about NCC Group!
As a Senior Security Consultant at NCC Group's Global Consulting and Implementation (C&I) division, your role is pivotal in providing Information Assurance consultancy to businesses, aiding them in safeguarding critical systems and information assets.
Your responsibilities will include building and maintaining trusted client relationships, conducting assessments and analyses, translating technical findings into actionable roadmaps, and ensuring adherence to internal policies and procedures.
Moreover, you will play a key role in supporting sales activities and mentoring junior consultants, contributing to the overall knowledge sharing and growth within the delivery team. Additionally, your responsibilities will extend to supporting the development of the C&I capability in Spain by assisting in the establishment and growth of a regional team. This entails actively participating in recruiting efforts, providing guidance to new team members, and fostering a collaborative environment conducive to the team's success.
Why join NCC?
We specialise in offering comprehensive Information Assurance consultancy services aimed at assisting businesses in fortifying their cybersecurity posture. This encompasses defining security strategies, conducting risk assessments, developing policies, providing security awareness training, and offering on-demand cyber expertise.
Our core services range from strategy and governance to incident response planning and ISO 27001 assessments. We also provide bespoke services tailored to the specific needs of organizations, including risk mitigation assessments, security architecture review, and cyber transformation programs.
For our people
* Flexible working
* Financial & Investment
* Pension
* Life Assurance
* Share Save Scheme
* Maternity & Paternity leave
* Community & Volunteering Programmes
* Employee Referral Program
* Lifestyle & Wellness
* Learning & Development
You will bring:
* Strong English language skills (C1/C2) plus Spanish (Native or C1), and excellent communication, consulting, and presentation skills.
* Proficiency in core control frameworks such as NIST, SANS Top 20 CSC, ISO 27001, Privacy, NIS, and CAF.
* Proficiency in implementing, auditing and consolidating business continuity plans (BCPs), BIAs and developing disaster recovery plans (DRPs).
* Experience in delivering risk assessments using methodologies like ISO 27005, IRAM, and FAIR.
* Strong time management skills to ensure timely project delivery within budget constraints.
* Ability to establish rapport with clients and maintain long-lasting relationships.
* Demonstrated expertise in business, consultancy, and technical aspects of the Cyber Security Industry.
* Certifications like CISM, CISSP, CRISC, ISO 27001 LI/LA or CISA.
The below are not mandatory, but will undoubtedly aid your application:
* Proficiency in French and Portuguese at a high level will be considered an advantage.
* Proficiency across multiple technical areas such as SOC/SIEM assessments, Identity and Zero trust, Security design and architecture, Operational Technology (OT), ISA 62443, Artificial Intelligence, SWIFT CSP, and Cloud-related certifications across AWS/GCP/Azure.
* Experience in deploying software and technical solutions.
* Proficiency in managing people and building teams, demonstrating the ability to lead and develop individuals to contribute effectively to the team's objectives and overall organizational success.
* Extensive experience in implementing the Spanish National Security Scheme (ENS).
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, please email. All personal data is held in accordance with the NCC Group Privacy Policy (nccgroupplc.com). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role is subject to BS7858 screening as a mandatory requirement.