This job has expired

Information Risk Specialist

Job Details

•    You'll have 3/5 years of experience in a direct information security role specialising in governance, risk and compliance activities.

•    An MSc in Information Security or a CISSP, CISM, CISA.  Appropriate career experience is just as important though. Be prepared to tell us all about that experience.
•    We believe that we work better as a team, and hope you share that belief. You'll be working in a diverse group of people with a variety of skills and backgrounds; a high level of emotional intelligence will be assumed.
•    You'll need excellent communication skills, both verbal and written.  You should be confident in explaining security terms and principles to an audience who may not be familiar with the underlying concepts.  
•    You will assist in defining the ISMS and controls assurance environment, creating the appropriate documentation/evidence to support external assessments.
•    Working knowledge of ISO 27000 or NIST Cyber Security Framework would be great, but experience with other recognised standards will be acceptable.
•    You should have worked in an organisation certified to ISO 27001 or gained SOC2 certification.  You will have been part of this journey and understand the controls needed to achieve different certifications. 
•    A firm understanding of the security practices which should be adopted for different legal and regulatory requirements such as PCI-DSS, GDPR, or different regulatory bodies.
•    You will have responsibility for conducting security assurance/assessment activities and be able to demonstrate process improvements to enhance the maturity of security controls.
•    Financial services experience would be ideal, but experience in organisations with a mature security environment would be preferable too e.g. large consultancy firms, telecoms, pharmaceuticals or critical infrastructure.
•    You will have a solid appreciation of the variety of technical controls available including endpoint security, identity and access management, network security controls (firewalls, VPN), intrusion detection and security event management/log analysis tools. You won't be expected to be hands-on with these tools, but you'll certainly need to be aware of how they fit within the control environment which you will help to design and operate.


Intelligent Recruitment

We constantly remind ourselves that people come first, so we have a commitment to providing an excellent personal service to our clients and candidates with the know-how to save you from wasted time and disappointment.

Our clients come from all commercial and industry sectors and, in particular, we have expertise in sourcing candidates in the land, marine, air, weapons, electronics, communications, avionics and cyber security domains.

GardPass Consulting bring a discerning approach to the resolution of both organisational recruitment requirements and individual career aspirations. 

Mobilising and placing individuals and large teams on a global basis at speed in complex situations is one of our specialities. We offer a wealth of experience and expertise in supplying project personnel on a worldwide basis, backed-up by a huge network of qualified, experienced professionals (many of them security-cleared at various levels). Many of our candidates have worked with us on several projects – often for the same client, by request.

Find Us
+44 7939 073902
Pendragon House, 65 London Road
St Albans