Information Security Consultant

Information Security Consultant

Permanent

Reading - Hybrid way of working

This role is responsible for providing subject matter expertise and guidance to Business teams and Partners that own the day-to-day management and safeguarding of customer information and protection of physical/logical assets of the company

Responsibilities:

• Actively represent the Security Organisation by developing and maintaining relationships with business stakeholders and partners to ensure security is considered throughout the lifecycle of projects from conception to operation
• Collaborate closely with architects, designers, engineers, and other cross-functional team members within the organisation to ensure that our solutions built to the highest security standards.
• Communicates information security risks and issues to business managers and others
• Applies and maintains specific security controls as required by organisational policy and local risk assessments
• Supports with the effective governance of external partners and internal teams to deliver and assure Security Operations services to the business
• Maintain an in-depth knowledge of industry standards relevant to the role.

Skills Requires:

• Must have at least 5 years' experience working in Information Security.
• Must have a mix of security consulting, and professional services experience
• MUST have cloud security experience and Governance/ Risk assessment etc.
• Must have Stackholder management experience
• Must be well versed in security policies & standards, governance, compliance, risk management and security audit practices
• Experience with using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASPp the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks.
• Proven expertise and experience in one or more of the following domains:
  • Information assurance & cyber security
  • Data protection
  • Business continuity
  • IT service continuity
  • Information risk management
• Proven expertise in one or more of the following technical disciplines:
  • Cyber security
  • Identity & access management
  • Cloud security
  • Data centre security services
• Must have experience in creating and documenting processes (processes, procedures, playbooks etc).
• Must have experience working at pace within a complex operational environment / large enterprise network.
• Security related certifications are desirable, particularly blue team certs such as SANS / GIAC.

Project People is acting as an Employment Agency in relation to this vacancy.