Information Security Consultant
Posted on Feb 17, 2021 by Barclay Simpson Recruitment
An Information Security Consultant is required for a market-leading financial services firm. The role will focus on being the main security contact for regulators, auditors and internal business areas for the UK and Ireland.
- Understand the Information Security regulatory requirements affecting their aligned channel and be able to guide the channel on appropriate compliance measures.
- Support the aligned business channel in understanding the appropriate application of Information Security policies and standards.
- Direct an ongoing, proactive risk assessment program for all new and existing systems, and remain familiar with the business channel's goals and business processes so that effective controls can be put in place for the areas presenting the greatest information security risk.
- Work with business partners to manage security risks in line with risk appetite.
- The ISO defines, contributes to, and uses the ISO scorecard for their business partner.
- The ISO scorecard includes security posture (primarily measured through Cyber processes and controls)
- Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department.
- Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
- Work with the Information Security lead to develop a security program and security projects that address identified risks and business security requirements.
- Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
- Participate in problem and change management forums.
- Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
- Serve as an active and consistent participant in the information security governance process.
- Work with IT and business stakeholders to define metrics and reporting strategies that effectively communicate the successes and progress of the security program.
- Provide support and guidance for legal and regulatory compliance efforts, including audit support.
- Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
- Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
- Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and have expert knowledge of information security and financial services regulation. You will also have a proven track record of delivery in a similar role. Experience in dealing with financial services regulators and security frameworks such as ISO27001 is essential.