Information Security Assurance Consultant

Information Security Assurance Consultant - Hybrid

Role
We have a brand new role with our Services client for an experienced Information Security Assurance professional.
Reporting into a member of the Senior Leadership Team, and with a close working relationship with the Head of Technology & Innovation, you will be responsible for the implementation and ongoing management of the information systems, together with associated functions including business continuity planning, information assurance, data security and data privacy.
The role will require collaboration with stakeholders as well as their customers and stakeholders to ensure that services are delivered to the appropriate high quality and standards, complying with relevant accreditations, legal and contractual obligations.

Responsibilities

• Implementing the strategy, policies and working practices defined within the ISMS
• Implementing the strategy, policy and working practices defined in accordance with contractual requirements
• Delivering service in line with ISO27001 and Cyber Essentials Plus
• Providing regular reporting to assess the effectiveness and operation of the ISMS Management and maintain security operations in line with the organisation's Security Policy and Standards and Industry Best Practices
• Understanding key contractual objectives and advise on areas for improvement
• Reviewing and managing security risks and threat assessments
• Engaging with both internal stakeholders, client and third party service providers on matters of information security, risk and privacy
• Engaging as security expert with major programmes and change requests
• Maintaining ISMS, Operational Security and Risk Assurance Documentation
• Providing timely monthly management reporting on the security posture and performance of key suppliers, and analysis of security related incidents
• Attend and support stakeholder/client meetings
• Ensure Operational Security are audit ready and provide support to audits (both internal and external)
• Be responsible for the implementation of Risk Management

Skills & Experience

• Information security assurance professional with strong knowledge and experience with security policies and standards
• Technical aptitude and knowledge across the spectrum of information security solutions and operations
• Knowledge of IT security solutions and their integration and operation into business systems and processes
• Experience of security maturity and developing roadmaps aligned to both internal and client need
• Experience of working with MOD accreditation
• Experience working with GOV/MOD standards, NIST, JSP's
• Experience of building relationships with senior internal and external stakeholders
• Experience of ISO/IEC 27001 compliance and certification
• Experience of Cyber Essentials Plus compliance and certification
• CISSP, CISA or CISM certified or equivalent qualification in Information Security
• The successful candidate must be able to undergo a security clearance process.
• Experience of managing external third party assessments and relationships

Please email your CV to apply for this position