BDO LLP is an accountancy and business advisory firm, we provide integrated advice and solutions to help businesses navigate a changing world. Our clients are Britain’s economic engine – ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy.

We share our clients’ ambitions and their entrepreneurial mind-set. We have the right combination of global reach, integrity and expertise to help them succeed.

BDO LLP operates in 18 offices across the UK, employing 3,500 people offering tax, audit and assurance, and a range of advisory services. BDO LLP has revenues of £428m and is the UK member firm of the BDO International network. The BDO global network provides business advisory services in 162 countries, with 74,000 people working out of 1,500 offices worldwide. It has revenues of $8.1bn.

Overview

As part of the Technology Risk Assurance team at BDO, we are looking for an individual with at least two years’ Cyber Security consulting experience to join the dynamic cyber team as a semi-senior in a client facing consultancy role.

We are looking to recruit an individual with a good understanding of the fundamentals of IT/Information/Cyber security to effectively deliver an increasing portfolio of work.  The role will typically focus on performing cyber controls gap/maturity assessments and control reviews as well as more technically focused technology assessments. The role will also involve supporting the Cyber Security Management team as they look to develop the proposition and grow the business.   

The opportunities to develop are significant and appropriate support will be provided, including training.

Responsibilities

• Deliver Cyber/IT Security reviews and advisory assignments to a high standard
• Understanding of business context and requirements for security controls and able to articulate security risk to non-technical and  technical audiences
• Help deliver  internal/external/application penetration testing
• Discuss findings with clients and obtain their buy-in to a proposed way forward.
• Keep Managers, Leadership team and colleagues up to date with status, findings and the implications from the work
• Ensure excellent client service
• Continue to develop relevant skills and capabilities 
• Assist and up skill more junior staff on client engagements
• Build relationships internally, with promotion of the Cyber/IT Security services important to creating growth
• Support the Cyber Security Managers and Partner in the development of new propositions, delivery of the marketing plan and business development strategy.

Requirements

• Experience in an information/cyber security role (consultancy experience)
• A strong understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs,, Intrusion Detection,  vulnerability scanning etc.;
• A good understanding of cyber security concepts and systems/solutions such as IDM, DLP, SIEM SOC, SSO etc.
• A good understanding of Vulnerability and Risk Assessment approaches and methodologies
• Good understanding of the Cyber Security Strategy good practice frameworks (for example, the Cyber Security Essentials NIST CSF, CIS top 20)
• Experience performing cyber risk and control gap assessments
• Understanding of the ISO 2700X series of standards and guidelines
• Flexibility to travel on a regular basis locally with potential for wider travel including international assignments.
• Excellent team player but also confident working on own initiative.
• Strong communication skills (both written and oral) and first rate interpersonal skills at all levels.  Able to explain technological concepts and risks to non-technological audiences.

Preferable

• Understanding of the PCI DSS series of standards and guidelines
• Strong presentation skills
• Experience of delivering penetration testing and vulnerability scanning assessments
• Security qualifications CREST Registered Tester, ISO 27001 Lead Implementer / Auditor, CEH
• CISSP/CISM/CISA (Exam qualified)

Our Agency Policy

BDO has a commitment to building relationships directly with candidates (and agencies) in our local markets and as such, we do not accept speculative CVs from agencies. We work closely with our preferred suppliers to support us in sourcing quality candidates but we only pay agency fees where we have a signed agreement in place and an agency has been instructed by a member of the BDO Resourcing team. We do not pay agency fees where speculative and unsolicited CVs are submitted to BDO by any means other than through our recruitment portal. For any CVs which are submitted without instruction from the BDO Resourcing team, BDO reserves the right to contact and work directly with these candidates without payment of any agency fee.