Our client, a leading distribution organisation, are looking for an Information Security Compliance Consultant to help undertake Information Security compliance checks and reviews to ensure adherence to Policy, Standards, Legislation and Regulation, and to perform other administrative duties relating to Information Security management in line with best practice policies including ISO27001 & PCI DSS.
Duties & Responsibilities of the Information Security Compliance Consultant
- To own, maintain and monitor compliance with the Information Security policies and associated security standards.
- Writing and updating Information Security policies and standards.
- Conducting compliance audits.
- Managing exceptions and waivers.
- Risk assessment and reporting.
- Own and maintain the Group’s information asset register.
- Manage external compliance and certification efforts as required (e.g. PCI & ISO27001).
- Coordinate and administer the security education & awareness programme.
Desired Skills & Experience of the Information Security Compliance Consultant
- Relevant industry experience writing policies and undertaking security compliance activities
- Professional security qualifications and certifications such as MSc, CISSP, CISM or CISA
- Knowledge of the EU General Data Protection Regulations and Payment Card Industry requirements
- Knowledge of the principles of Information Security in a commercial environment
- Understanding of IT security principles and best practices
- Understanding of risk analysis techniques
- ISO27001 Lead Auditor qualification desired
Occasional travel across different offices required.