Security Risk Consultant
The duties of this position will be performed our client’s office in London and at customer locations. The Consultant is expected to work alone, around others, under minimal supervision and under deadlines.
The Security Risk Consultant position involves performing security threat assessments, risk analysis audits, policy gap analyses and data leakage surveys for established blue-chip clients. The Consultant must have sufficient experience and skills in methodology security policy (network and user) compliance auditing. The Consultant will be responsible for assisting clients in identifying technological and operation security threats and associated risks to their networks as well as recommending remedial measures. Additionally, the Consultant shall be responsible for conducting gap analyses for clients against established security policies, legislation, regulation and standards.
· Conducting client information security threat and risk assessments
· Conducting governance, risk & compliance (i.e. PCI, DPA & ISO) audits
· Conducting 3rd party supplier and supply chain risk assessments
· Writing information security policies and procedures
· Delivery of information security awareness programs and briefings
· Design and delivery of social engineering programs / attacks
· Assisting clients with information security risk management issues
· Assist and support our client with design and implementation of operation security program
· Other tasks as assigned.
· ISO-27001 Requirements
· PCI DSS Requirements
· U.K. Data Protection Act
· Data Leakage Auditing
· COBRA and current risk management tools
· Work under pressure, meeting deadlines.
· Remedial recommendations
· Report writing & client presentations
· Security policy compliance auditing experience
· ISO, PCI & DPA control frameworks
· Security threat assessments & risk analyses methodology experience
· Operational policies, standards and procedures auditing
· Communication, training, briefings and instructor
· Strong written and verbal communication skills
Education, Training & Experience:
· Minimum three years’ risk assessment / management framework tools
· Minimum three years’ experience managing client projects.
· Minimum three years’ information consulting experience.