About Cydea
We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We’re not afraid to do things differently and our clients appreciate us for that.
We typically work with senior clients — like CIOs, CTOs, CISOs, plus CEOs and NEDs — over longer periods to deliver real and measurable outcomes, rather than one-off deliverables.
We work collaboratively and securely in the open with our clients using tools to automate tasks, track progress and responsibility, and share our findings. This is how we like to work.
We work on interesting engagements where security meets ‘the business’ to better understand, communicate and manage cyber risk. That may involve helping to identify the sources of risk to an organisation, how frequently they face different types of risk events, and quantifying the consequences of these to their operations. It may be producing a light-touch Cyber Scorecard or taking a deeper dive assessment into their security posture. We also help boards and leadership teams explore risk scenarios through cyber exercises (or ‘war games’).
We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You’ll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.
We’re a remote-first business so you’ll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn’t mean you’ll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they’re up to and the problems they’re facing.
We want you to succeed and will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you’re learning. Every week we talk about what we’ve achieved, learned and reflect on a problem we’ll need to solve soon.
This is a UK-based, primarily work from home role, with some travel required to meetings and clients.
Who we are looking for
We’re looking for someone to join our team as a cyber risk senior consultant. They’ll have an inquisitive mind and want to improve the world around them. This will come across on a day to day basis as they work to understand our clients’ business and manage engagements that help them to make better decisions that improves their cyber security posture. They will have the ability to communicate clearly and concisely in both written and verbal form to senior stakeholders, and will have the confidence to question and challenge the status quo.
They may have a cyber certifications, though this certainly isn’t a requirement; and will probably have four or five years experience. This doesn’t have to all be in consulting, though they will have prior experience running consulting projects and managing small teams.
Does this sound like you? Ok, then read on!
About the role
You’ll be working at the intersection of cyber security and ‘the business’ to assess security postures and conduct quantified cyber risk assessments. Your ability to listen to our clients and ask questions before making an assumption is key. You’ll be working collaboratively with our clients - we share work in progress deliverables with them for feedback as we go - using internally developed methods and processes, industry practices and open-source tools.
You’ll be taking the lead on our engagements and working with senior business leaders, both within the security and IT teams, as well as non-technical teams and board members. You’ll be helping them to identify what needs protecting and prioritising, and understanding what the consequences of risk events are to their operations.
You should be comfortable problem solving by breaking down challenges into small, more manageable parts, and documenting any assumptions or estimates that you make along the way. You’ll be comfortable both doing and delegating activities, like carrying out and writing up interviews and workshops, analysing the data we have collected, and looking for patterns and insights to develop recommendations.
The role will involve communicating our findings and recommendations in the most effective way possible, focusing on realistic, pragmatic and sustainable solutions that put user needs first and steers away from fear-mongering. This may involve managing exceptions and require you to influence clients and other senior stakeholders.
You may be required to work autonomously and take the lead on projects and individual tasks, as well as keeping our clients up to date. Some projects will require travel to client sites. That may be for the odd meeting or workshop, or it may be for multiple days over a few weeks. Most of our clients and meeting locations are in the South East of the UK.
Outside of the ‘billable’ client work you’ll also be contributing to our internal tools and processes and open-source projects. You’ll be expected to raise awareness of our services, to help propose new services to clients and (reverse) mentor colleagues.
Through our Cydea x Good Causes charitable programme you’ll spend five days every year on pro-bono engagements helping not-for-profit organisations to protect their incredible work.
Package and benefits
We think that we offer a competitive package, so we’re not afraid to tell you about it upfront.
The salary for this role is £60,000. We also like to look after our people and offer the great benefits listed on our careers page.
Working at Cydea
We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We're not afraid to do things differently and our clients appreciate us for that. We have a passion for developing talent and would love for you to have a long, successful and rewarding career with us.
We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You'll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.
We're a remote-first and flexible business so you'll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn't mean you'll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they're up to and the problems they're facing.
We want you to succeed and your line manager will support and guide you in your assignments, and your career more generally. You will be supervised, but not micromanaged. We will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you're learning. Every week we talk about what we've achieved, learned and reflect on a problem we'll need to solve soon.
You can find out more about what it's like to work at Cydea on our website: https://cydea.com/careers/