24th November 2022
Information Security Consultant (GRC)
Information Security
London
£60,000 - £66,000 per annum + annual discretionary bonus
On behalf of a London-based leader in the card payments industry, I'm seeking a fully certified and experienced Information Security Consultant with a background in GRC. Reporting to the Principal Information Security Consultant, the role requires a level of interaction with business areas, including IT Operations and Operations. This position also requires inter-IT cooperation.
The organisation operates a hybrid work model where you will be expected to be office based at least 1 day per week, therefore you must be UK based and within commutable distance of their City of London offices.
Responsibilities:
- The information security specialist is responsible for ensuring organisational assets are secured appropriately based on their importance to the organisation.
- This is an information security consultancy role that supports the function of the Enterprise Security Architect team.
- Provide advice and guidance on how to minimise the impact of potential threats to assets and services.
- To liaise with potential or current partners and suppliers to evaluate the information security levels of the company or services.
- Support compliance activities for regulators and contractual requirements.
- Management of information security policies and standards.
- To ensure controls implemented in production systems are operating as designed to mitigate known risks.
- Governance reports on the effectiveness of controls to internal and external stakeholders.
- Aware of current and possible future trends in the information security landscape and the impact on policies and standards.
- Adherence to standards, including ISO27001, PCI-DSS and Information Technology Infrastructure Library (ITIL).
Skills/Experience required:
- 5+ years’ experience in an Information Security Consultant capacity preferably within a financial services organisation.
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is essential.
- Experience with regulatory compliance and information security management frameworks (e.g. ISO 27000, COBIT, NIST 800, etc.).
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner.
- Strong interpersonal skills with the ability to communicate with executive-level managers within a company.
Consultant - Brendan Connolly
Telephone: 0207 392 7512
Email: brendan.connolly@spencer-rose.com