InfoSec Consultant - OUTSIDE IR35

InfoSec Consultant - OUTSIDE IR35

We are working with one of our biggest customer who are looking for an experienced InfoSec Consultant - OUTSIDE IR35

The client are based in the Financial Services sector so any prior experience in this commercial space would be highly beneficial.

Requirements:
Delivery Requirements:

• Deliver the Information Security assurance plan on an annual basis to confirm the ongoing effectiveness of security controls across the estate.
• Conduct control reviews in line with industry best practices and frameworks such as ISO27000, PCI-DSS, Center for Information Security (CIS) and Information Security Forum (ISF) Standard of Good Practice.
• Represent the information security department on change, project and architecture boards where appropriate.
• Maintain relevant security architectural standards as part of continuous improvement.
• Communicate the Enterprise Security Architecture Blueprint and any other principles and standards to stakeholders as and when required.
• Proactively share good practice and expertise with colleagues. Adapt communication style to suit audience, developing effective mechanisms to disseminate information to colleagues.
• Provide security assurance on various initiatives and implement controls in line with the risk tolerance.

Experience and Behavioural Skills

• Background in ISO27001, CISM, CISSP, knowledge of Data Protection / GDPR, Information Security Forum, CiiSec
• Understanding of information security controls in particular those relating to assurance, business process, governance, risk and education
• Background in Assurance or Architecture
• Good decision-making skills, excellent team working skills.
• Good communication skills to obtain “buy in” for the objectives of the security program from all parts of the business both.
• Proactive approach to information security to help enable the business to deliver, while maintaining effective security in line with risk appetite.

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. 

Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation

We take our obligations to protect your personal data very seriously.  Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/