Job Description
Information Security consultant required for market-leading financial services firm. The role will be focused on the design and enhancement of their process and documentation within their security champion programme.
Responsibilities:

• Review, design and build of processes, sample documents and supporting training for the following documents/processes.
  • Low-Level Design
  • Software Delivery Risk Assessment
  • Application Security Review
  • Terraform Review
  • Pipeline review
  • Vulnerability Management

• Shape and grow the existing community. You will be responsible for understanding the delivery requirements of the Champion role, reviewing current tools, artefacts and supporting material, validating its purpose, and identifying any gaps. You will need to facilitate Security Community of Practice meetings and events as well as channel feedback into the program. Review output from posture assessments and other channels to identify the current areas of focus needed.

• You will help support the development of a training library, with content from various platforms. You will help review current material Vs the duties and responsibilities of the Champion and help create learning paths and material lists for both compulsory and voluntary training. Identify and facilitate ongoing security training. You will support the existing team leading the program in identifying security training requirements aligned with the current duties and responsibilities as well as any on the horizon.

• Identify opportunities for improvement, evolution of the program. Review output from posture assessments and other metrics to identify the current areas of focus needed. Review and contribute to the identification and creation of a set of KPI's and KRI's.

As an ideal candidate, you will have an industry certification such as CISSP, CISM, CRISC or SABSA. You will have a background in Security Architecture & Consulting. You will also have a proven track record of delivery in a similar role.