Information Security Consultant
Apply on Partner Site
Reading/Hybrid - 2 days per week on-site
This role is responsible for providing subject matter expertise and guidance to Business teams and Partners that own the day to day management and safeguarding of customer information and protection of physical/logical assets of the company.
Actively represent the Security Organisation by developing and maintaining relationships with business stakeholders and partners to ensure security is considered throughout the lifecycle of projects from conception to operation
Collaborate closely with architects, designers, engineers, and other cross-functional team members within the organisation to ensure that our solutions are built to the highest security standards.
Communicates information security risks and issues to business managers and others
Applies and maintains specific security controls as required by organisational policy and local risk assessments
Supports with the effective governance of external partners and internal teams to deliver and assure Security Operations services to the business
Maintain an in-depth knowledge of industry standards relevant to the role.
Maintain a broad understanding of security products, an understanding of their architectural principles and integration capabilities
Must have at least 5 years' experience working in Information Security.
Must have a mix of security consulting, and professional services experience
Must be well versed in security policies & standards, governance, compliance, risk management and security audit practices
Experience with using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASPp the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks.
Proven expertise and experience in one or more of the following domains: o Information assurance & cyber security
IT service continuity
Information risk management
Proven expertise in one or more of the following technical disciplines:
Identity & access management
Data centre security services
Must have good skills of incident reporting and stakeholder management.
Must have experience in creating and documenting processes (processes, procedures, playbooks etc).
Must have experience working at pace within a complex operational environment / large enterprise network.
Security related certifications are desirable, particularly blue team certs such as SANS / GIAC.
Experience of improving the maturity level of security controls in line with industry best practice and standards.
Project People is acting as an Employment Agency in relation to this vacancy
Or check similar jobs