Skip to main content

This job has expired

You will need to login before you can apply for a job.

Information Security Consultant

Employer
Barclay Simpson.
Location
London, United Kingdom
Salary
Competitive
Closing date
14 Dec 2022

View more

Sector
Consultancy
Job Role
Information Security Officer
Job Type
Contract
Send job
Job Description
Information Security Consultant required for market-leading financial services firm. The role will mainly be focusing on providing security project reviews and third party risk management.
Responsibilities
  • Act as the main security point of contact & SME for required projects
  • Perform security activities, including but not limited to, security design reviews, threat modelling, on internally & externally developed software.
  • Assess and review security in projects as part of the firms SDLC process.
  • Act as the Security subject matter expert within Agile / waterfall project planning, development, and execution.
  • Obtain and review all required artefacts as part of the application security framework
  • Drive security evaluation early in the cycles through iterative security testing
  • Provide advisory services and direction to application development teams during development cycles
  • Manage control exemptions/remediations identified through projects.
  • Advise on external regulatory requirements
  • Provide metrics for relevant areas of responsibility when required.
  • Baseline and analyse suppliers against the firm's information security (and industry) standards and highlight areas of non-compliance and/or concern and facilitate development of pragmatic solutions.
  • Design triage process for completed questionnaires and supporting documentation to validate suppliers' implementation of information security controls and make appropriate recommendations.
  • Act as key point of contact for any supplier related information security questions and issues and provide guidance to stakeholders on the established process.
  • Take responsibility for administration of the function's supply chain risk platform and offer associated meaningful reporting to inform the business of current risk posture.
  • Develop method in relaying the Firm's own information security controls to clients via (inter alia) completion of questionnaires and submission of audit evidence etc.
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and have expert knowledge of project-based Information Security & Third Party Risk. You will also have a proven track record of delivery in a similar role. Experience in financial services is highly advantageous.
IND123

Send job

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert