Information Security Consultant

Location: Staines
Salary: £55000 - £60000 per annum
Posted: 18 Aug 2017
Closes: 15 Sep 2017
Ref: 1142771
Contact: Michael Aspinall
Clearance Level: None / Undisclosed
Job Type: Permanent

Role: Information Security Consultant
Salary: £60k

A fantastic opportunity to join a leading global financial consultancy. This is an opportunity for an experienced Information Security Consultant to join this global organisation and build a career with endless progression opportunities and an incredible benefits package, including up to a 16% pension.

Roles & Responsibilities of the InfoSec Consultant:
* To work as part of the Information Security Function; improving information security across the organisation
* Responsible for managing third party supplier assurance schedule on behalf of business and IT relationship owners.
* Management of third party supplier assurance schedule
* Security profiling of 3rd party suppliers
* Performing risk assessments and on site audits of 3rd party suppliers
* Following ISO27001 framework for risk management
* Ensure successful completion of risk assessments, remediation plans and risk closure.
* Provide very clear and high quality risk reports to enable senior business risk owners to make the most appropriate risk decisions.
* Maintain information security risk register and ensure remediation actions are tracked and delivered on time
* Support the identification and understanding of any security event alerts as part of risk assessment activities
* Support management of security incidents (where necessary).
* Responsible for identifying opportunities for improvement and, in some instances, owning the delivery of such improvements
* Support the Information Security Team on other risk management activities where necessary

Desired Skills of the InfoSec Consultant:
* Strong vendor management skills and experience of performing structured risk assessments and delivering security guidance
* Strong understanding of, and recent experience managing, common threats associated with 3rd party supplier channels
* A proven track record of delivery with a deep understanding of security risk management
* Experience in structured risk management process/methodology (CRAMM, OCTAVE, ISO27005 or equivalent risk management methodology) is essential.
* Experience of managing/performing information security risk assessment of applications and infrastructure (full life cycle of risk management required)
* CISSP in good standing would be desirable, or other equivalent recognized accreditation
* Experience of operating within an ISO27001 certified environment
* Experience operating in a Professional Services or Financial Services environment. Experience of ITIL and/or Prince2 would be desirable
* ISO 27001