This job has expired

Information Security Consultant

Employer: Hays.
Location: United Kingdom, City of London
Salary: Competitive
Closing date: 3 Apr 2021

A global Investment Firm is looking to add an outstanding Information Security Consultant on a contract basis inside IR35.

The organisation are looking for a strong Security leader with outstanding experience delivering Cyber Maturity programmes, ensuring that all risks are accounted for and controls are put in place in line with the organisation's risk appetite.

Within this role you will be conducting a thorough review of the current controls/suppliers in place and will be expected to make suggestions which will enhance and develop the organisation's security posture.

Duties & Responsibilities:

  • Be responsible for managing the development and on-going implementation of the Cyber Security strategy and objectives.
  • Develop a prioritised, risk-based information security roadmap, and track and report its progress.
  • Review the operating model, including 3rd party providers, ensuring all are suitable and fit for purpose.
  • Ensure full compliance with agencies and regulators in the UK (FCA) and countries where the organisation operates, creating controls which can manage and monitor performance/adherence.
  • Ensure staff education, awareness and training on cyber security risks and preventative actions are regularly delivered via multiple channels and a robust cyber security communication plan.
  • Perform security risk assessments, providing guidance on the implementation of all projects with information security implications across the company.
  • Implement and maintain KPIs and metrics to allow the monitoring of compliance with security policies and procedures against industry standard/best practice.
  • Network and partner with other organisations to improve knowledge and approach.
  • Carry out full security audits (internal and external with relevant suppliers) and ensure compliance and best practice is adhered to.
  • Act as a key stakeholder in the identification of cyber security risk and the design and introduction of appropriate controls and mitigation.
  • Implement and improve procedures and processes to optimise information security effectiveness.
  • Management of cyber security incidents from second-line investigation through to resolution.
  • Ensure compliance with ISO27001, PCI DSS v3.2.1, GDPR, and other required compliance requirements.
  • Supporting the implementation of security culture and embedding of security controls into business change and processes.
  • Managing security for the allocated business units and teams to ensure programs are delivered and business operations are reviewed to identify high risk processes.
  • Being the interface between the business teams and Cyber/Info Security.
  • Assisting International level teams and capabilities to understand the business operations to enable security services to be optimised for all areas.
  • Driving security awareness and education throughout the business units. Win hearts and minds and maintain a security culture.
  • Proactively coordinating Cyber risk resolution.
  • Supporting Security Solution engagement in Change Programs.
  • Promote and champion best practices for Cyber Security, Risk Management, ITIL and service delivery.

Experience and Qualifications Required:

  • CISSP
  • 10 yrs minimum Cyber Security experience
  • Broad IT security management knowledge, skills and experience
  • Cloud exposure across a range of suppliers including Microsoft Windows Servers, Azure, O365 Security and Compliance
  • Data Leakage prevention experience
  • Forensic Investigations and Risk Management experience
  • Amazon Web Services (EC2, S3 & WAF) experience
  • Proven ability to build relationships with senior business and security stakeholders.
  • Excellent communication skills that can transcend technical and non-technical audiences
  • Experience with implementing or managing risk management processes and tools
  • The ability to work in a constantly changing and fast paced environment. Strong team ethic combined with a determined approach to ensure completion of work
  • Relevant degree and professional security qualifications (alongside CISSP) such as CISA or CISM preferred, or willingness to study for a professional security qualification
  • Change management and information security risk & governance experience
  • Experience of compiling information for the purposes of internal and external audits/regulatory commitments
  • Relevant cyber and security experience in the financial services industry, preferably card business

This is an exciting opportunity and will suit an individual who enjoys the process of Cyber maturity working to tight deadlines.