Information Security Specialist

Posted 20 February by via resource

Our client, a leading Distribution company, are looking for an Information Security Consultant to help ensure that IT projects are delivered securely, protecting client and employee data.

Duties & Responsibilities of the Information Security Consultant

  • Manage project lifecycles end to end providing Information Security subject matter expertise
  • Taking ownership of security solutions, ensuring compliance with Information Security policies and standards
  • In particular, ensure the organisation complies with relevant legislation, regulations, codes of practice or technical guidance in all matters relating to security
  • Be aware of the bigger picture within the organisation to also understand the importance of Data Security Management, including external drives and standards of ISO27001 and PCI-DSS
  • Scope and manage Penetration Testing including the production of a plan to remediate vulnerabilities identified during any tests in a timely manner
  • Working with development teams ensuring SDLC
  • Responsible for ensuring that any vulnerabilities identified are processed in accordance with the latest Information Security Risk Management process, including: risk analysis, identifying and applying appropriate controls, recording, reviewing and approval
  • Assess the current technology infrastructure to identify information security and compliance risk areas and recommend controls to address those risks
  • Undertake technical delivery of security aspects of solutions
  • Review architectural and design documents from a security standpoint
  • Define security non-functional requirements
  • Carry out PCI assessments on projects where necessary
  • Escalate security when necessary

Desired Skills & Experience of the Information Security Consultant

  • Strong risk management knowledge and experience
  • Experience providing security consultancy throughout whole project lifecycles
  • Experience managing penetration tests
  • Understanding of architecture principles and frameworks
  • Experience of supporting customers with Network Security technologies (e.g. Firewalls, Proxies)
  • LAN/WAN networking including routers, switches and infrastructure products
  • Good knowledge of the following applications:
      o SIEM tools
      o URL filtering
      o Encryption and hardening techniques

  • Knowledge of OWASP vulnerabilities, tools and methodologies
  • Knowledge of security compliance standards such as ISO27001 & PCI DSS
  • Extensive knowledge of "good" security practice

CISSP, CISM, CRISC or similar certifications desirable

Required skills

  • Security Compliance
  • Security Risk
  • CISM
  • Security Management

Reference: 33987652
