Securing business data

Careers at CNS Group


Job Description


Principal IA Consultant

GRADE (Job Title):

Principal Consultant


Head of Advisory

Place of Work

Home, on-site or office (London & Camberley) as fits.



CNS Group provides skilled experts to help its clients build cyber security and information assurance capability through pragmatic consultancy. This is a client-facing role, helping clients to implement compliance regimes or controls to secure their organisations. CNS Group focuses on assisting UK companies from a variety of verticals (Government, Critical National Infrastructure, Finance, Legal, Retail etc.), so the vast majority of work takes place in the UK, though some international travel is required in certain instances.

The work is varied: engagements can range from a 5-day risk assessment from home to a 6-month placement on-site with the client. The role of Principal IA Consultant aligns with CCP / SFIA Level 5 / 6:

Headline definition:

Autonomy – Ability to plan and run major assignments within a clear framework of accountability. Exercises substantial personal responsibility and autonomy. Able to manage junior consultants and assign work as appropriate to those consultants to achieve the aims of a specific project. Plans own work to meet given objectives and processes.

Influence - Influences customers, suppliers and partners at a senior level. Able to converse with and influence ‘C’ level executives. Will have some responsibility for the work of others and for the allocation of resources. Participates in external activities related to own specialism. Makes decisions which influence the success of projects and team objectives.

Complexity - Work includes a broad range of highly complex technical or professional activities, in a variety of contexts. Investigates, defines and resolves complex issues. Is familiar with UK government security standards and comfortable working within these environments.

Business skills - Selects appropriately from applicable standards, methods, tools and applications. Communicates fluently, orally and in writing, and can present complex information to both technical and non-technical audiences. Facilitates collaboration between stakeholders who share common objectives. Plans, schedules and monitors work to meet time and quality targets. Rapidly absorbs new information and applies it effectively. Maintains an awareness of developing technologies and their application and takes some responsibility for driving own development. Contributes fully to the work of teams. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Appreciates the wider business context, and how own role relates to other roles and to the business of the employer or client.

Specific Responsibilities

The ideal candidate would be a highly experienced IT security professional looking to progress from a senior consultancy role who would like to be in a position to help guide the development of the consultancy service offerings for CNS Group. They will have experience in the design, delivery and troubleshooting of multi-vendor network security and security monitoring tools. In addition, exposure to this field within the context of compliance with standards such as PCI DSS, ISO27001, HMG IA policy, or equivalent would be essential.

Experience in the creation of technical documentation, such as high- and low-level designs, in both written and diagrammatic form, the ability to derive requirements from multiple business stakeholders (from senior managers to engineers) and to contribute to customer proposals, is also highly desirable. Some experience in client-facing situations would be advantageous.

The candidate should also be SC cleared or be eligible to undertake the process immediately.

Primary Responsibilities

Working in a team of exceptional individuals, there are boundless opportunities to learn and demonstrate personal abilities. The duties of the role will vary depending on the nature of the project. This can be quite diverse and so being able to attune to the situation is a valuable skill. This also offers the opportunity to express the diversity of skills and explore the individual’s potential.

The main responsibility is to provide business advisory and consultative technical services to clients, including provision of technical pre-sales. The areas covered as part of the everyday role may include:

  • Running complex technical projects – acting as the lead consultant for such engagements
  • Where applicable, manage a team of consultants on certain projects
  • contributing towards technical solutions
  • working with clients to define the scope of a project
  • clarifying a client's system specifications, understanding their work practices and the nature of their business
  • liaising with staff at all levels of a client organisation up to and including executive management
  • defining software, hardware and network requirements
  • developing agreed solutions and implementing new systems
  • presenting solutions in written reports or oral presentations
  • designing, testing, installing and monitoring new systems and services
  • preparing documentation and schematics
  • keeping knowledge up-to-date with current technologies and topical cybersecurity activities in the industry
  • being involved in pre-sales and support, and where appropriate, maintaining contact with client organisations
  • identifying potential clients and building and maintaining contacts

Specific Responsibilities

The role specific responsibilities include:

  • The ability to produce high quality work and be able to peer review other team members’ deliverables
  • To be able to mentor up and down the hierarchical levels of various teams and positions
  • Delivery of projects within the set time and expected standard
  • Take ownership of issues and escalate where necessary
  • Be able to communicate with clients and other employees at all levels
  • Report to Head of Advisory and other senior managers
  • Develop new service offerings
  • Make informed decisions where appropriate


Required Technical Knowledge

The technologies that must be understood in sufficient detail to discuss in both pre- and post-sales scenarios, and in the design and delivery of solutions, are (in order of preference):


  • SIEM (AlienVault/OSSIM or any other vendor e.g. LogRhythm)
  • Stateful firewalls (Cisco, Juniper, Checkpoint, pfSense)
  • Network IPS/IDS (Cisco, Snort, Sourcefire)
  • VPNs (Cisco, Juniper, OpenVPN, IPsec and RAVPNs)
  • Routing & Core Switching (Cisco, HP)


  • NAC (ForeScout, Cisco ISE)
  • 2FA (RSA)
  • Host based IDS/IPS (OSSEC, McAfee)
  • AAA (Cisco ACS, Microsoft NPS)
  • PKI (Windows and Linux)
  • Vulnerability Management (Nessus, OpenVAS)

Desired Technical Skills

  • A demonstrable hands-on ability in a discipline other than networking or security e.g. virtualisation, scripting or software development (ideally with associated certification(s) e.g. VCP)
  • A broad understanding of security technologies used in virtualised environments, such as Cisco ASAv / 1000V, VMware vCloud Networking & Security, Check Point VE etc.
  • A broad understanding of current market offerings for IT security services
  • Microsoft Windows technologies such as Active Directory, including GPOs
  • Experience in the hardening of common IT platforms (Windows, Linux, network devices)
  • The ability to interpret the results of penetration tests to identify remediation requirements

Mandatory Non-Technical Skills

  • Strong communication (both written and oral)
  • An attention to detail (but not at the cost of pragmatism)
  • Providing support, oversight, knowledge sharing and assistance to other consultants and from time to time act as 4th line support for the CNS Managed SOC

Desired Additional Qualifications

Exposure or experience in the following is considered highly desirable:

  • HMG IA policy and accreditation process
  • Protective Monitoring (GPG-13)
  • ISO 27001
  • Delivery of security managed services





£85,000 (negotiable)


Bonus, contributory pension, private healthcare (qualifying period)




Please contact for more information.
For further job opportunities follow us on LinkedIn.
