Cyber Security Consultant

The AA
25 Nov 2022
25 Nov 2022
Job Type
Cyber Security
Employer Sector
Technology, IT & Telecoms
Contract Type
Full Time
Company description
Make sure to apply quickly in order to maximise your chances of being considered for an interview Read the complete job description below.
Location: Hybrid working between your home and our Basingstoke HQ
Employment Type: Permanent, full time
Additional Benefits: Car allowance, annual bonus + private medical insurance
Solution bringers. Day makers. Extra milers. We are the AA. And we keep everyone's show on the road. There for our members wherever and whenever they need us, we're always ready for anything. That's why, for over 100 years, we've continued to evolve and adapt. Today, as the nation's number one motoring organisation, we offer a range of excellent products and services to millions of customers. As a Senior Cyber Security Consultant, you'll join our exciting journey to fulfil our future vision. We aim to support the UK's 17m drivers and to facilitate their driving lives through data and innovation; to succeed with this, we require a step–change in pace and thinking. Join us as we transform and deliver on this ambitious vision.

This is the job
Joining the AA as a Senior Cyber Security Consultant, you will focus on cybersecurity governance, risk and compliance activities as well as maintaining a cybersecurity assurance framework, aligned to NIST, PCI–DSS and within the AAs existing ISO27001 compliant ISMS framework. Our Cyber Consultants also actively get involved with the testing of security risk controls for the business.
Being a key part of the team, you will be a security interface to all change and IT projects acting as the subject matter expert (SME) ensuring robust security controls are in place to manage risks and comply to regulatory standards and internal policies. You will work collaboratively within the AA to consult on security aspects of change to design build and implement pragmatic security solutions to mitigate risks to the organisation becoming a trusted partner and advisor within your specialised field.
What will I be doing?
Act as a SME on a portfolio of different projects across the organisation i.e., large acquisitions through the launch of new business ventures to third–party solutions and affiliates
Work with the IT solutions team to detail the security design into project templates. Owning documentation of security risk assessments, identifying issues/risks and ensuring overall Information Security standards and processes are followed by both internal and external parties
Manage and deliver testing of security risk controls, working with the business to maintain our ISMS and penetration testing for the wider project team before 'go–live'
Support deliveries with robust risk assessment/mitigation and ensure that they align to the appropriate technology change framework and solutions meet the relevant operating principles, in order to protect the Business, whilst continuing to deliver change
Identify, engage, and manage 3rd party organisations to ensure appropriate vulnerability assessments and security audits are conducted to ensure our security processes and systems; providing recommendations to minimise any likelihood and impact of any denial of service, penetration, or fraudulent activities / attacks that could affect the business or brand
Contribute towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies, applicable laws and regulations i.e., PCI DSS
What do I need?
Significant experience of working within Information Security or Cyber Security
Possess good understanding of applicable information security regulations and standards i.e., ISO 27002, ISO 27001:2013, ISO 13335, ISO 13569, Data Protection Act (2018), RMADS, EU Data Protection Directive and PCI DSS etc.
Knowledge of IT security solutions and their integration and operation into business systems and processes. As well as prior experience using formalised security risk management methodologies
Good technical and analytical skills across a range of technologies i.e., Windows, networks, Linux, Oracle, web applications and Cloud/SaaS Security
Understanding and experience in deploying infrastructure, software solutions and architecture within complex environments
Knowledge of Threat Monitoring Procedures, cyber risks/threats and information security best practice driving continuous service improvements
Additional Information
We're always looking to recognise and reward our employees for the work they do. As a valued member of The AA team, you'll have access to a range of benefits including:
Annual Bonus
Car Allowance
Private Medical Insurance
Diverse learning and development opportunities to support you to progress in your career
25 days annual leave plus 8 bank holidays
Free AA breakdown membership after 12 months, 50% discount in your first year
Discounts on AA products including car and home insurance
Employee discount scheme that gives you access to a car salary sacrifice scheme plus great discounts on healthcare, shopping, holidays and more
Worksave pension scheme with up to 7% employer contribution
Dedicated Employee Assistance Programme
Plus, so much more!
We're an equal opportunities employer and welcome applications from everyone. The AA values diversity and the difference this brings to our culture and our customers. We actively seek people from diverse backgrounds to join us and become part of an inclusive company where you can be yourself, be empowered to be your best and feel like you truly belong. We have five communities to bring together people with shared characteristics and backgrounds and drive positive change.