Job Ref: 204754741
Employer: cv-library.co.uk
Job Type: Permanent
Country: United Kingdom
County/State: London
City: London
Address:
Post Code: WC1A
Post Date: 08/10/2016 03:50
Information Security Risk and Compliance Consultant - Consultancy - Home Based
An exciting opportunity has become available at a leading information security consultancy with a diverse portfolio of clients and projects spanning financial, retail, legal, transport and energy sectors. The company is dedicated to identifying and mitigating cyber threats faced by large businesses in today's globalised market. They provide an extensive array of technical assurance services together with security management and risk assessment options, covering the full spectrum of their clients' information security requirements. They require a Risk and Compliance Consultant to support their clients including major High Street Retailers, Healthcare companies, Finance and Insurance companies as well as some Local / Central Government departments.
You will work in a stand-alone Audit & Compliance Consultant position, supported by the wider security team in the implementation of Governance and Risk Management processes and solutions for ISO27001, PCI DSS and some CESG compliance projects on client accounts.
You will provide full lifecycle Information Security Consultancy across PCI DSS and ISO 27001 security standards, from the initial consultation and pre-sales phase to the delivery and ongoing BAU support as a trusted Security SME.
Provide subject-matter expertise to various projects delivering business solutions that impact security compliance certifications.
You will have the option to be contractually based from home or from London or Cheltenham and will be expected to travel 3-4 days per week to client locations (dependent upon client and project demands).
In the course of your duties, you will identify and refer to the Sales Team any opportunities for further business development and growth.
Experience & Background:
Candidates will be expected to:
Demonstrate extensive knowledge of implementing security strategies to deliver consulting security solutions to clients that include:
Aligning and integrating the business strategy with corporate security and business goals.
Establish, communicate and maintain a charter for the security management function.
Develop and maintain the overall business strategy, mechanisms for policy enforcement, definition of ownership, monitoring mechanisms, and process and controls.
Designing and maintaining security architecture both at the enterprise and solution levels.
Demonstrate extensive knowledge of, and success in assisting with, client-facing business development, engagement delivery, practice development and thought leadership as they relate to the development, assessment and implementation of Information Security solutions.
Demonstrate an extensive knowledge of managing project work streams in a system security, controls or information security management environment, from the following information security domains:
Security Architecture and Strategy (Integrated Risk Management).
Security Function Design and Governance.
Information security awareness.
Demonstrate extensive knowledge of, and success in interpreting, security industry standards (ISO 27001/27002, PCI DSS, DPA, NIST 800 series, COBIT), especially as they relate to the following:
Building a Business Management System and/or program.
Managing internal controls, risk assessments, business process and internal IT control testing or operational auditing.
As a proven Security Consultant, you will not only have deep security policy, standard and technical knowledge (not hands-on) but will also have excellent client and stakeholder management skills with the ability to communicate complex solutions clearly and effectively at all levels.
Certifications / Qualifications:
Any of the following certifications would be highly beneficial:
ISO27001 Lead Auditor
CCP IA Architect / SIRA / IA Auditor
Acumin Consulting is a member of the Red Snapper Group. The Red Snapper Group acts as an employment agency (permanent) and as an employment business (temporary) - a confidential service to candidates. The Red Snapper Recruitment Group is an equal opportunities employer.