Cyber Security Consultant

Job Description

Location: Predominantly remote with occasional travel to one of our AA officesEmployment Type: Permanent, full timeAdditional Benefits: Car allowance, annual bonus + private medical insuranceSolution bringers. Day makers. Extra milers. We are the AA. And we keep everyones show on the road. There for our members wherever and whenever they need us, were always ready for anything. Thats why, for over 100 years, weve continued to evolve andadapt. Today, as the nations number one motoring organisation, we offer a range of excellent products and services to millions of customers. As a Cyber Security Consultant, youll join our exciting journey to fulfil our future vision. We aim to support theUKs 17m drivers and to facilitate their driving lives through data and innovation; to succeed with this, we require a step-change in pace and thinking. Join us as we transform and deliver on this ambitious vision.#LI-THEAA #LI-RemoteThis is the jobJoining the AA as a Cyber Security Consultant, you will focus on cybersecurity governance, risk and compliance activities as well as maintaining a cybersecurity assurance framework, aligned to NIST, PCI-DSS and within the AAs existing ISO27001 compliantISMS framework. Our Cyber Consultants also actively get involved with the testing of security risk controls for the business.Being a key part of the team, you will be a security interface to all change and IT projects acting as the subject matter expert (SME) ensuring robust security controls are in place to manage risks and comply to regulatory standards and internal policies.You will work collaboratively within the AA to consult on security aspects of change to design build and implement pragmatic security solutions to mitigate risks to the organisation becoming a trusted partner and advisor within your specialised field.What will I be doing

• Act as a SME on a portfolio of different projects across the organisation i.e., large acquisitions through the launch of new business ventures to third-party solutions and affiliates
• Work with the IT solutions team to detail the security design into project templates. Owning documentation of security risk assessments, identifying issues/risks and ensuring overall Information Security standards and processes are followed by both internaland external parties
• Manage and deliver testing of security risk controls, working with the business to maintain our ISMS and penetration testing for the wider project team before go-live
• Support deliveries with robust risk assessment/mitigation and ensure that they align to the appropriate technology change framework and solutions meet the relevant operating principles, in order to protect the Business, whilst continuing to deliver change
• Identify, engage, and manage 3rd party organisations to ensure appropriate vulnerability assessments and security audits are conducted to ensure our security processes and systems; providing recommendations to minimise any likelihood and impact of any denialof service, penetration, or fraudulent activities / attacks that could affect the business or brand
• Contribute towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies, applicable laws and regulations i.e., PCI DSS

What do I needEssential:

• Significant experience of working within Information Security or Cyber Security
• Possess good understanding of applicable information security regulations and standards i.e., ISO 27002, ISO 27001:2013, ISO 13335, ISO 13569, Data Protection Act (2018), RMADS, EU Data Protection Directive and PCI DSS etc.
• Knowledge of IT security solutions and their integration and operation into business systems and processes. As well as prior experience using formalised security risk management methodologies
• Good technical and analytical skills across a range of technologies i.e., Windows, networks, Linux, Oracle, web applications and Cloud/SaaS Security
• Understanding and experience in deploying infrastructure, software solutions and architecture within complex environments
• Knowledge of Threat Monitoring Procedures, cyber risks/threats and information security best practice driving continuous service improvements

Additional InformationWere always looking to recognise and reward our employees for the work they do. As a valued member of The AA team, youll have access to a range of benefits including:

• Annual Bonus
• Car Allowance
• Private Medical Insurance
• Diverse learning and development opportunities to support you to progress in your career
• 25 days annual leave plus 8 bank holidays
• Free AA breakdown membership after 12 months, 50% discount in your first year
• Discounts on AA products including car and home insurance
• Employee discount scheme that gives you access to a car salary sacrifice scheme plus great discounts on healthcare, shopping, holidays and more
• Worksave pension scheme with up to 7% employer contribution
• Dedicated Employee Assistance Programme

Plus, so much more!Were an equal opportunities employer and welcome applications from everyone. The AA values diversity and the difference this brings to our culture and our customers. We actively seek people from diverse backgrounds to join us and become part of an inclusivecompany where you can be yourself, be empowered to be your best and feel like you truly belong. We have five communities to bring together people with shared characteristics and backgrounds and drive positive change.