Global professional services organisation requires a Security Consultant to sit within the IT Risk and Compliance team. In this role you will help respond to RFIs and RFQs and act as the liaison point with the auditors.
You will play a critical role in translating complex technical and operational information into simple business language. You will be a seasoned information security professional with extensive consulting experience and proficiency in multi-tasking across numerous assignments simultaneously.
- Undertake formal risk assessments to identify and document threats along with cost-effective mitigation controls in line with the Enterprise Risk Management Framework.
- Provide authoritative expertise and advice across a range of national and international standards and information security best practices.
- Manage complex and challenging projects to maintain the confidentiality, integrity and availability of information assets.
- Produce solution architecture documentation for information security initiatives and facilitate approval by relevant stakeholders.
Skills and Experience
- Minimum of 7 years' commercial experience in Information Technology, with at least 3 years specialising in an Information Security role.
- Applicable industry certifications (e.g. CISSP, CISA, CISM).
- A deep understanding of Risk Management principles and frameworks.
- Experience working with relevant industry standards and guidelines including ISO 27000, PCI-DSS, NIST Cybersecurity Framework, ITIL, COBIT, Privacy, etc.
- Excellent working knowledge of Internet and network security systems and tools including firewalls, load balancers, WAFs, IDP, PKI and remote access systems.
This is initially a 4-month contract but could be long term or a permanent role for the right candidate.