Information Security Consultant
ISO27001, NIST-CSF, GRC, CISSP
Great opportunity within a dedicated Cyber Security Provider!
Must be eligible for SC security clearance and able to spend regular time in the office.
Due to growth, we are looking for someone who comes from a consultancy background but would like to work for a company who are solely security focussed.
As part of the Information Security & Compliance team you will work on a number of external and internal security projects, including implementing and auditing ISO27001.
- Ensuring the protection of information assets and technologies
- Contributing to the completion of security-related audits such as ISO27001, ISO27701, ISO20000, NIST-CSF, IASME Governance
- Conduct and document internal audits for both internal and external
- Hands-on experience in implementing and auditing ISO27001 is required
- Experience delivering security awareness training and comfortable with public speaking
- Manage Third Party Risk Management (TPRM) including vendor security programme reviews,
- Support on scoping engagements and delivering a valued service to our customers
Your background
- Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience
- Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards
- Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018)
- Ideally relevant qualifications such as ISO/IEC 27001 Lead Implementer, ISO/IEC 27001 Internal Auditor, CISM/CISSP