Internal Senior Information Security Consultant
55 exec search
Our client is a global award-winning cyber security solutions, services and support advisory business.
Due to one of the biggest acquisitions within the cyber security industry, they are now looking for an Internal Senior Information Security Consultant.
This is a superb opportunity for someone who is looking for an organisation that provides excellent career development, allowing you to accelerate your career within a compelling, international, growth-focused business.
You will play a key role in the evolution of Information Security, providing expert advice to both technical and non-technical audiences, including advice on how to balance security and business requirements. You will report to the VP of Information Security, provide leadership and direction to junior information security team members, and perform managerial responsibilities such as work assignment, mentoring and development.
Responsibilities of the Internal Senior Information Security Consultant:
- Assist with the design, deployment and availability of enterprise security tools such as SIEM, antivirus, data leak prevention, identity management, vulnerability scanning and remediation, etc.
- Track and mitigate information security risk through risk methodology models, and ensure information security compliance with audit requirements, security policies, standards and legislation
- When required, assist with audit activities such as scoping, executing, reporting and presenting on internal and external security audits
- Support achievement of Information Security’s strategic objectives by ensuring policies, processes and standard controls are adopted and applied consistently across all locations
- Identify security requirements for any new business system/applications by evaluating business strategies and requirements, researching information security standards, conducting risk and gap assessments, and studying architecture/platforms and processes
- Track, maintain and distribute relevant information security KPIs and other metrics to senior executives, and contribute to the production of Information Security Risk and Compliance reports and updates for internal meetings
- Manage and oversee the maintenance of technical and organisational controls across multiple technology platforms and diverse system environments within scope of industry certifications and attestations (SOC2, ISO 27001, Cyber Essentials, etc.)
- Develop and implement security awareness and technical training efforts.
Experience required for Internal Senior Information Security Consultant:
- Maintains two or more professional certifications such as CISA, CISSP, CISM, CRISC, CGEIT, CIPP/T, ISO 27001 Lead Auditor/Implementor
- Experience in the establishment/implementation and maintenance of compliance certification activities such as SOC2, ISO 27001/2, Cyber Essentials
- Hands-on experience of implementing and managing common security technologies including centralised log management, application and system vulnerability scanning, intrusion detection and prevention, anti-malware, encryption, and authentication and access controls
- Hands-on experience of security controls to protect both on-premise and cloud-based platforms (AWS, O365) and applications including Active Directory, Windows server and desktop, macOS, SQL, VMware virtualization, etc.
- Proven experience in developing and guiding junior security team members.
We are also able to offer a fully flexible working arrangement with the majority of work being remote or home based.