|Job Ref:||204733789||Employer:||cv-library.co.uk||Job Type:||Permanent||Country:||United Kingdom||County/State:||Yorkshire||City:||Leeds||Address:||Salary:||£50000 - £60000/annum Benefits||Post Date:||27/10/2016 03:25|
Information Security Consultant - Northern England - £50-60k + Benefits|
Information Security Manager / Information Security Consultant / Information Security Specialist / Information Security Officer / Network Security Officer
The Larson Group is currently recruiting am Information Security Consultant for a highly successful and established professional services organisation based in the North of England to manage one of their major accounts. This is a fantastic opportunity to work for one of the most successful companies in its field and work with an incredibly high-profile and important account.
Our client have offices in Leeds and in Blackburn so are flexible on where potential candidates for this role will live.
Our client has a contractual, legislative and regulatory requirement to protect the confidentiality, integrity and availability of the account's critical information assets, most of which contain sensitive personal information relating to its customers.
In order to achieve and maintain an appropriate level of compliance to these requirements, our client has appointed an Information Security function to develop and deliver an Information Security Management System (ISMS) to deliver these aspects to the account in question.
Due to the work undertaken it will be necessary for the Information Security Consultant to have the following skills:
* A broad understanding of technology risk
* A broad understanding of technology security best-practice
* An understanding of Information Security Architecture methodologies
* An in depth understanding of ISO27001
* An understanding of Information Security Awareness Programmes
* An understanding of the Payment Card Industry Data Security Standard (PCI DSS)
* An understanding of Risk Management Strategies
* Experience developing practical and pragmatic Security Policies
* An understanding of relevant legislative and regulatory Information Security requirements
* An understanding of HMG PSN Accreditation Process
The following items will be the primary responsibility of the Information Security Consultant in regards to meeting the Information Security objectives:
* Production, maintenance and communication of security documentation (policies, standards, procedures, guidelines) in line with Information Security requirements
* Define and enforce the IT security policy requirements with IT providers (including defining IT Security SLAs)
* Agree key security objectives, goals and where applicable, service levels with the business unit. Monitor status through security metrics.
* Acting as a central point of contact for Information Security matters for, IT Services, the account and third parties
* Security risk management (identification/assessment, calculation, mitigation controls selection, and communication of key risks to the IT Director as appropriate)
* Deliver improvement and provide measurement in terms of PCI DSS & ISO27001 compliance
* Information Security Incident Management within the Group.
* Represent Information Security at Group Forums as requested.
* Develop and provide Information Security Awareness Training and education initiatives
* Develop and enforce Information Security Project Lifecycle
* Impact assess all business change requests, serve on Business Change Forum
* Business unit Operational Acceptance of new projects / systems
* Serve on business unit's Fraud Advisory Unit
* Manage and maintain business unit's HMG PSN Accreditation.
By collating Management Information received across the business operation and IT Services, the Information Security Consultant will provide monthly written updates to the IT Director on the status of the business unit's key Information Security risks and incidents as well as Information Security goals and objectives based on agreed metrics. This information will also be provided to the Divisional Risk Director and Security Manager on a monthly basis.
By utilising a metrics approach, Information Security reports will aim to demonstrate continual improvement where applicable but will also serve to highlight areas where further improvement may be necessary. This will enable Information Security resources and initiatives to be targeted in areas most in need.
For more information on this role, call Jamie MacMillan on (Apply online only)
Keywords - Information Security Manager / Information Security Consultant / Information Security Specialist / Information Security Officer /
Larson Resource Group Limited is registered in England & Wales with a company number 06110626. Registered office address is Windsor House Cornwall Road Harrogate HG1 2PW. Our VAT number is (Apply online only) 57. Larson Resource Group Limited trades as an Employment Agency when placing permanent candidates and as an Employment Business when placing Contractors (under the Conduct of Employment Agencies and Employment and Business Regulations 2003) In accordance with these regulations you should have received a copy of our Client Terms of Business. If you have not received a copy please contact a member of staff immediately. All discounted rates quoted are only valid providing all other terms are met in accordance with our standard Client Terms of Business