Information Security Consultant

Information Security Consultant

ISO27001, NIST-CSF, GRC, CISSP

Great opportunity within a dedicated Cyber Security Provider!

*** must be eligible for SC security clearance and able to spend regular time in the office

Due to growth, we are looking for someone who comes from a consultancy background but would like work for a company who are solely security focussed.

As part of the Information Security & Compliance team you will work on number of external and internal security projects including implementing and auditing ISO27001.

• Ensuring the protection of information assets and technologies
• Contribution to completion of security related audits such as ISO27001, ISO27701, ISO20000, NIST-CSF, IASME Governance
• Conduct and document internal audits for both internal and external
• Hands-on experience in implementing and auditing ISO27001 is required
• Experience delivering security awareness training or and be comfortable with public speaking
• Manage Third Party Risk Management (TPRM) including vendor security programme reviews,
• Support on scoping engagements and delivering a valued service to our customers

Your background

• Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience
• Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards
• Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018)
• Ideally relevant qualifications such as ISO/IEC 27001 Lead Implementer, ISO/IEC 27001 Internal Auditor, CISM/CISSP