Job Description
Technical Information Security Consultant required for a market-leading insurance firm. The focus of the role is to support the security function in providing security services to the business and facilitating Information Security strategic change.
Responsibilities:

• Creation of a capability uplift plan/remediation plan for each relevant business area, following the findings from previous security posture assessments
• Agreement of capability uplift plan findings with the necessary business area & agree on an implementation timeline for the plan findings to be put into action.
• Implementation of specific Dev Sec Ops Target Operating Model objectives into two key business areas
• Creation of finalised & approved threat models for the relevant business areas
• Security consultancy support to aid internal programmes in their tender processes for choosing an IT service provider
• Providing overall security consultancy support to the ServiceNow programme, ensuring that all security requirements have been met to enable the ServiceNow tool to be implemented. This includes but is not limited to programme engagement, creation of finalised & approved necessary threat models, risk assessment & setting out the relevant Logging and monitoring requirements.

As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC/CEH. You will have expert technical knowledge in information security and have a proven track record in a similar role. Threat modelling experience is essential. Experience within financial services is desirable but not essential.