You will be one of the security interfaces to all change and IT projects and act as the security subject matter expert, ensuring robust security controls are implemented to manage risks and comply with regulatory and internal policy and standards. By utilising your business consulting acumen, you will work collaboratively to advise on security aspects of change, to design, build and implement pragmatic security solutions to mitigate risks to the organisation.
Working as an SME on a variety of different projects across the organisation, ranging from large acquisitions through the launch of new business ventures to third party solutions and affiliates.
- Being recognised as an Information Security Expert across the organisation
- Accountable for the documentation of the security risk assessments – identifying any issues or risks and raising them to senior management.
- Managing and delivering the testing of security risk controls, working with the business to maintain our ISMS.
- Working with the IT solutions team to detail the security design into project templates.
- Working from the Information Security standards, developing processes and configuration documents to be followed by IT operations and/or third-party suppliers.
- Provide technical experience on security, define the principles and standards for the enterprise
- Undertake technology evaluations and provide recommendations for the security aspects of new applications.
- Interpreting the Information Security policy and liaising across the organisation.
- Support deliveries with robust risk assessment/mitigation and ensure that they align to the appropriate technology change framework and that solutions meet the relevant operating principles, in order to protect the Business, whilst continuing to deliver change.
- Identify, engage and manage 3rd party organisations to ensure appropriate vulnerability assessments and security audits are conducted to ensure the rigour of our security processes and systems; providing recommendations to minimise any likelihood and impact of any denial of service, penetration, or fraudulent activities / attacks that could affect the business or brand.
- Contribute to the production and circulation of reports to demonstrate the effectiveness of a number of Information Security controls and processes
- Develop and deliver tailored Security Awareness and educational activities across the organisation as required.
- Provide appropriate levels of documentation on security controls, incidents and risks.
- CISSP and/or CISM qualified
- Previous technology security consultancy experience
- A good understanding of some (not all) of the information security requirements and knowledge of applicable regulations and standards, e.g., ISO 27002, ISO 27001:2013, ISO 13335, ISO 13569, Data Protection Act (2018), RMADS, EU Data Protection Directive and PCI DSS
- Be able to demonstrate a pragmatic understanding and experience in deploying infrastructure and software solutions.
- Knowledge of IT security solutions and their integration and operation into business systems and processes
- Experience in using a formalised security risk management methodology
- Experience of cloud and SaaS security
- Good technical and analytical skills across a range of technologies (particularly Windows, networks, Linux, Oracle, web applications)
- Proven experience in working with 3rd party security providers
- Knowledge of Threat Monitoring Procedures.
- Ability to comply with any regulatory requirements.
- Demonstrated knowledge and understanding of cyber risks and threats related to cyber attackers.
- Understanding of information security constraints and best practice.
- Able to contribute to architecture sessions on security tools in complex environments.
* Proven experience delivering continuous service improvements for the b
Job Reference: JO-2208-258816
Salary per: day
Job Duration: 6 month rolling
Job Start Date: ASAP
Job Industries: Cyber Security Jobs
Job Locations: Europe
Job Types: Contract
Job Skills: Cyber, Operations, response, SIEM