Information Assurance Consultant-IT Audit, Risk
Your new company
A well known hi-tech company based in the Winchester area, Hampshire.
Your new role
This is a broad-based IT Assurance role working as a business partner with a specific business area -partnering with the technical consultants and being the point of contact for the business on Information Assurance matters. The role will include IT Audit, IT Risk Assessment and Assurance Policy Advice and Governance of Policies.
- Implement risk management processes across the business to identify, assess and manage information security risks.
- Partner with business units to identify and assess information security risks.
- Support business managers to understand, rate and mitigate their information security risks.
- Work with business units to understand their business drivers and embed information security and information risk management practices within business processes.
- Maintain the ISMS to meet Cyber Essentials and ISO27001 recertification requirements and further develop its effectiveness in line with changing business goals and technology usage.
- Support the development of information security standards and procedures that comply with legislative, government and industry best practice standards with regard to security and the protection of assets.
- Provide information assurance support to internal projects and programmes, ensuring a security lifecycle approach is taken during development activities.
- Undertake information security risk assessments of internal systems, networks and outsourcing/third-party agreements in support of assurance activities.
- Maintain security risk registers and reporting dashboards.
What you'll need to succeed
You may either have a background in a consulting organisation but be keen to work in a company where you can see the results of your hard work and make a real different to the organisation or you may come from an in-house Information Assurance role.
You will ideally have a broad-based Information Assurance/Governance background and ideally one of the following qualifications:
Certified Information Security Manager (CISM) Certified Information Security Systems Professional (CISSP)
ISO27001 Lead Auditor or Implementer
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
What you'll get in return
Working in an exciting period in the company with a large transformation programme happening, this role offers an excellent challenge to candidates who are keen to make an impact in a new role.
On offer is a competitive salary and benefits package and excellent working environment.
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.