Senior Security Consultant (GRC)

Role Overview

We have an exciting opportunity for a Senior Security Consultant to join our growing Governance, Risk and Compliance (GRC) team. In this role, you will apply your expertise in information security to provide strategic guidance to clients on GRC activities, as well as on achieving their cyber and information security objectives. You will take the lead in managing technical consulting engagements and contribute to the successful delivery of complex security programs.

Responsibilities

• Apply a strong knowledge of the cyber threats, hazards, risks, controls, and mitigations to protect organisations, their employees, customers and stakeholders and deliver effective Information Security outcomes.
• Work directly with our clients to understand the cyber security threats and regulatory requirements relevant to their organisation.
• Design and deliver information security, cyber resilience and maturity assessments tailored to customer's organisational and compliance needs.
• Lead and advise customers on the design, implementation and adoption of information security policies, procedures.
• Understand relevant frameworks for managing different areas of Information security, risk management and data protection.
• Evaluate the security of third-party service providers and advise on the appropriate selection of suppliers and implementation of procured services.
• Be proficient in the use of Microsoft Purview for data labelling, data loss prevention, data lifecycle management, data governance, compliance management, and risk mitigation, with the ability to implement information protection strategies.
• Create reports on risk and compliance for Senior stakeholders, including risk mitigation strategies and improvement plans.
• Contribute to the development of new and innovative solutions to protect ourselves and our customers.
• Stay up to date with the latest industry and technology developments and promote these within your projects and delivery.

About you

• Experienced in designing, delivering and deploying information security outcomes, solutions and services.
• Demonstrable experience of industry frameworks and standards, including UK government, public and private sector; such as ISO27001, NIS Directives, NIST, GDPR, DORA, Cyber Essentials, PCI and UK Government Functional Standards.
• Experienced in leading and managing successful GRC / Information Security projects.
• Capable of effectively communicating and showcasing the strategic benefits of investing in GRC initiatives to strengthen and manage information security frameworks.
• Possess strong stakeholder engagement and management skills.
• Hold relevant academic or professional certifications e.g. CISM, CISSP, PCIRM, MSc, ISO27001 (lead implementer/auditor), CIPPE.
• Have the right to work in the UK and are eligible for UK security clearance.

What we look for in our people

• Strong alignment with FSP values and ethos.
• Commitment to teamwork, quality and mutual success.
• Proactivity with an ability to operate with pace and energy.
• Strong communication and interpersonal skills.
• Dedication to excellence and quality.

Who are FSP?

FSP is a leading consultancy specialising in Digital, Security and AI solutions. Our success is enabled by our unwavering commitment to excellence, our people centric culture alongside best-in-class operations, ensuring impactful and sustainable outcomes for our clients.

As a long standing and highly accredited Microsoft Partner, with extensive solution designations, we partner with clients across a range of commercial sectors, enabling digital transformation, innovation and robust cyber security.

We navigate the complexities of data sensitivity, confidentiality, governance and compliance. We blend strategic insight, depth of technical expertise, delivery and operational excellence to meet the specific requirements outlined.

We take a collaborative, one team approach with our clients to drive sustainable change, providing outstanding client experience and delivering exceptional results that are aligned with business priorities.

Our commitment to security and quality is reinforced by our ISO27001 and ISO9001 certifications (UKAS), as well as our CREST approved penetration testing and SOC capabilities. Additionally, we are an IASME Cyber Essentials Certification Body and Cyber Essentials Plus certified. Find out more about our accolades here: https://fsp.co/about-fsp/

Why work for FSP?

At FSP, we are committed to providing:

• A collaborative and supportive environment in which you can grow and develop your career.
• The tools and opportunity to do work you can be proud of.
• A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience.
• Hybrid working - we empower you to make smart choices about when and where to work to achieve great results.
• Industry leading coaching and mentoring.
• Competitive salary and an excellent benefits package.

Equal and Fair Opportunity

FSP is an equal opportunity employer and we welcome applications from all suitable candidates. We consider all applicants for employment regardless of age, disability, sexual orientation, gender identity, family or parental status, race, colour, nationality, ethnic or national origin, religion or belief.

Research suggests that applicants from underrepresented groups are less likely to apply for roles if they do not precisely meet requirements, or if they felt there were clear barriers as to who should apply. If you are excited about a potential role with us but are concerned that you may not be a perfect fit, please do apply, as you may be the ideal candidate for this role or for a different vacancy within FSP.

We endeavour to always provide fair opportunity for applicants to showcase themselves in the best way possible during any interviews or meetings. If you require any adjustments for a call or in-person meeting, please let us know.