GRC Security Consultant [IT Security, GRC, ISO 27001, GDPR]
Posted on Oct 4, 2019 by GIOS Technology Limited
Key Skills: IT Security, GRC, ISO 27001, GDPR
Our client, a Tier 1 IT system integrator, is looking for a GRC Security Consultant to support their client project based in Dublin, Ireland.
Key Result Area
A Security Consultant with all-round information security and GRC skills is required to work on delivering security governance, risk assessment and compliance services. We are seeking an innovative and motivated Consultant who, under general direction and with a high level of autonomy, uses extensive knowledge and skills obtained through education and experience to perform the necessary analysis, advisory and delivery tasks related to the development of enterprise security strategies, frameworks, risk posture, compliance management or specific security solutions to meet the customer's requirements.
In addition, the Security Consultant will be required to independently lead and assess technical, process and policy control gaps/risks and to advise clients on security standards, best practice and solutions to address any risk.
- Play a role in the delivery of GRC consultancy services for the customer's Information Security, maintaining quality and customer satisfaction. Work closely with the customer's team to develop GRC deliverables (Security Strategy/Frameworks/Policies/Assessments/Solutions etc.) and lead their implementation remotely, depending on the customer's requirements.
- Provide advisories and assessments, develop GRC-related deliverables and lead security initiatives at an enterprise level, ensuring that the customer's security requirements are met.
- Experience of managing multiple SMEs (IT Risk, IAM, BCPD/DR, and Security Architects). Understand the Non Functional Maturity Index and help the team achieve targets.
- Can manage and participate in IT security and external ISO audits very well.
- Understanding of Data Privacy, GDPR and ISO 27001
- Able to understand ITGC Requirements
- Provide soft consultancy skills and a proactive approach to gain the absolute trust of our customers and understand the customer protocols.
- Participate in providing mentoring support and guidance to team members to help grow skills and capabilities.
- Good knowledge of IT Risk Management.
- Good Knowledge of IT DR practices
- Experience in creating IT Security Strategy.
- Experience in managing and leading Security Operations and Identity & Access Management teams.
Essential Skills/Experience: Information Security Consultancy
- 10+ years of relevant experience.
- Developing and implementing Enterprise Security Strategy, Governance Frameworks, Standards and Policies (e.g. conversant in ISO 27001, DPA, PCI-DSS, GDPR etc.).
- Understanding of gap analysis approach, risk assessment principles/methodologies/techniques, compliance management and the interpretation/application of their output in the definition of Security management and governance.
- High-level knowledge of all key areas of Information Security and an ability to apply them appropriately.
- Delivering Security Strategies as part of a broader Enterprise or IS/IT Architecture.
- Experience in working with external ISO 27001 certifying organizations, certifiers and IT auditors.
- High-level knowledge of security audit and information assurance processes.
- Appreciation of trends in IT security, including GRC developments in the region.
- Good knowledge of Risk Management.
One or more of the following skills and experience would be advantageous:
- Very Good Communication skills
- Teamwork and Coordination
- eGRC/Risk Assessment/Compliance management tools, solutions and implementation.
- Security Metrics and Benchmarking.
- Industry-specific experience will be an added advantage (HIPAA, SOX, or PCI etc.).
One or more of the following certifications would be preferred:
- ISO 27001 Lead Auditor
- GDPR Certifications