InfoSec, Risk and Compliance Consultant - ISO 27001, PCI DSS

Information Security, Risk & Compliance Consultant - Global eCommerce Company - ISO 27001, PCI DSS

Do you want to be part of a growing fast-paced and ambitious team, enjoy strong career progression opportunities, a buzzing work environment, and great salary and bonus?

Are you an Information Security, Risk & Compliance Consultant who knows the ins and outs of ISO 27001 and PCI DSS (Payment Card Industry Data Security Standard)?

Then do continue reading…

ROLE
As an Information Security, Risk & Compliance Consultant, you will be reporting directly into the IS, Risk & Compliance Lead.

Accountabilities:

  • Assist and support Cybersecurity Team workstreams and activities as required
  • Produce, review and contribute to information/cyber security policies and standards
  • Liaise with other teams/functions to ensure that data and systems are adequately protected and appropriately monitored
  • Liaise with 3rd parties that may store sensitive data on behalf of the company, ensuring that the data is stored and monitored appropriately
  • Conduct regular and ongoing monitoring of and reporting on enterprise-wide compliance with information security standards and policies
  • Assist and/or manage internal and external audits (e.g. of suppliers) as required
  • Manage, track and monitor corrective action plans for security audit findings, standards exceptions and control deficiencies


Key KPIs:

  • Achievement of agreed security standards as agreed by the IS, Risk & Compliance Lead
  • Appropriate security governance processes are implemented and adhered to
  • Appropriate security policies and practices are implemented and adhered to
  • Appropriate security technologies as defined in the strategy are implemented successfully
  • Mitigate known security risks; avoid the avoidable incidents / breaches


EXPERIENCE

  • At least one industry-recognised Information Security certification, e.g. CISSP, CISA, CISM or ISO 27001 Lead Implementer/Auditor
  • Previous experience in a governance, risk and compliance (GRC) role
  • Previous experience of using GRC tools
  • Strong technical skills relevant to Information Security, such as data encryption, secure data transmission, secure data consumption and risk analysis
  • Familiarity with Information Security industry standards/best practices and relevant regulations (e.g. PCI DSS, ISO 27001, NIST, COBIT)
  • General knowledge of applicable data privacy practices and laws
  • Strong understanding of security technologies and best practices


SALARY AND BENEFITS
Base salary on offer is up to £60K (potentially more if you tick all the boxes), plus a £5.5K flexible benefits package (cash), pension (7% from you and 7.5% from the company), 10% bonus, 26 days' holidays (1 day for your birthday). Also: great development programmes, amazing offices and great culture, subsidised gym and canteen, huge staff discount, life insurance, medical care, cycle to work scheme, etc.
