Information Security Consultant

Cr Consultancy Berkshire Limited
10 Aug 2017
18 Aug 2017
Contract Type
In this varied role, you will become a proactive and central participant in a strong team of skilled Information Security professionals. You will engage with stakeholders across the business, T&L IT program and project managers and external suppliers as an Information Security SME and review technology objectives for new T&L IT projects and programs, and their resulting security requirements, making recommendations accordingly. In collaboration with the Security Governance team you will also offer governance and risk guidance and perform research and development activities on new security developments.

Key Responsibilities

- Manage and perform risk assessments in early stages of T&L IT projects and programs
- Carry out treatment and tracking of identified risks in order to ensure that security is properly embedded at delivery.
- Provide advice and guidance to stakeholders with implementing suitable, cost-effective security measures throughout the development phases (Agile/DevOps)
- Coordinate code reviews and penetration testing and manage execution in collaboration with external vendors
- Establish and provide specialist consultancy on e.g. Enterprise Security Solutions and Industrial IT (ICS/SCADA)
- Support the Security Governance team with research and development on current and emerging security trends and threats
- Support the T&L IT Digital Team in early stages to provide a solid security foundation for Digital Innovations.

Skills and Experience Required

- A Master degree in computer sciences, information management or another related area (a Bachelor degree can be accepted if experience is extensive);
- Broad general IT knowledge (networks, architecture, Cloud etc).
- Minimum 5 years' experience of managing and implementing risk within a global and similar size business;
- Solid security relevant experience, typically 7+ years, including Information Security and Risk Management experience
- Knowledge of international regulatory and compliance frameworks
- Knowledge and understanding of securing cloud technologies
- Proven ability to work and effectively prioritize in a dynamic and decentralized work environment;
- One or more Information Security Certifications (e.g. CISSP, CISM, CCSP. SCCP. Ethical hacking) are required

Who were looking for

- Strong personal impact with excellent communication and interpersonal skills at all levels of the business
- Handles most situations independently but will timely seek advice and guidance on more complex issue
- Being able to explain complex ideas in a concise manner;
- Being able to articulate the risks in a language that the business understands,
- Strong situational analysis and decision-making abilities;
- Excellent planning and organisational skills;
- High attention to detail;
- Be able to work under pressure and meet deadlines;
- Must be highly reliable, trustworthy and honest