An overview of the role
In April 2020, Capgemini merged with Altran, created a world-leader in “intelligent industry”. This means IRM is now part of the Capgemini Group, enabling us to offer our clients an even wider range of products, services and skills.
This role offers a wider variety of work than the vast majority of consultancies in the UK. This has allowed us to build a skills matrix and start to tailor progression and training to match your career ambitions.
Each member of the Technical team will bring their own unique experiences and views and we positively encourage collaboration when needed. On larger engagements, we may assign multiple consultants. As part of the technical team, you are not one of a thousand consultants. Each member of team has the opportunity to shine and experience some truly weird, wonderful and unique projects.
As part of our Senior Technical team, you will be instrumental in not only performing a multitude of tests to an exceptional standard, but also to help with the learning and development of the team as a whole.
All senior consultants are scheduled into our duty week system. This creates a period of time where you will not be on client site to enable you to support with things in the office/remotely. This could include helping with interviews to strengthen the team, offering training to new starters or graduates and being on call to support less-experienced members of the team.
You will still play a large part in security testing – a mixture of web, infrastructure, physical and red team testing. Our testers just test, you won’t be asked to perform PCI work or Cyber Essentials!
Why this role?
The role is as a Senior Consultant working within IRM’s Technical team and you will operate both independently (on small engagements) and lead a team as part of a team on more complex larger jobs.
- Work as a professional, deliverable Senior Technical Consultant / Penetration Tester/CTL, offering IRM’s clients a totally professional customer service experience, whilst adhering to IRM’s core values and company policies and procedures
- Conduct the full range of effective and comprehensive technical assessments and consultancy services to the highest standards, including IRM core technical services
- Maintain an accurate and up to date knowledge of information security issues, keeping abreast of new technologies, methodologies, techniques, vulnerabilities and market trends and communicate this throughout the team
- Produce concise and accurate technical reports and executive summaries, in line with client and company expectations in accordance with the QA manual and within defined deadlines.
- Participate in more specialist areas of technical assessments and consultancy services where required
- Participate in delivery of security management consultancy including health checks, risk assessments and compliance and standards based audits, where required
- Engage with and fully participate in research & service development projects
- Ensure professional, coherent and relevant communication within IRM and our clients at an appropriate level, using relevant language and at all times, behave in a manner that reflects the values of IRM. Maintain confidentiality at all times
- Ensure that work is carried out in accordance with defined IRM policies and procedures.
- Complete all tasks in a manner that displays a commercial awareness; i.e. managing client expectations and ensuring that project tasks are completed on time and on budget
- Where necessary assist the commercial team in the preparation of test scopes and proposals
- Complete administrative duties, which include weekly timesheet and expense submissions, as director by your line manager, Finance and HR
- Through the course of your duties, identify opportunities for further business development and growth and ensure that this is communicated to your line manager, the PMO and Sales department
- Carry out any other additional, reasonable and alternative tasks that may be required from time to time
Required skills, experience and personal attributes
- Must have experience in an IT security role to CTL level and have, or be able to attain SC clearance
- Demonstrates an excellent knowledge of penetration testing skills at infrastructure and application layers and keeps knowledge up to date
- Knowledge of system configuration auditing including Windows & *NIX operating systems, network devices, firewalls, IDS/IPS devices, wireless technologies etc
- Good understanding of common security standards and regulatory compliance
- Excellent written and verbal communication skills
- An ability to work effectively and positively within a team and willing to collaborate and readily share knowledge and skills
- Great organisation skills and ability to work in a pressurised environment whilst working towards and achieving deadlines.
- Relevant degree/postgraduate degree