Information Security Consultant

Rullion Niche
29 Sep 2017
03 Nov 2017
Contract Type: Full Time
Information Security Consultant - Newbury Financial Services
Salary Circa £55,000

My client, a well-known financial services firm, is looking for an experienced Information Security professional to work as part of the Information Security function, improving Information Security across the firm and being responsible for the following:

- Leading projects and risk owners through to point of risk closure - act as a leader, provide value to the business
- Security assurance services to internal Business and IT stakeholders.
- Providing formal quotations and security engagement forecasts for every proposed project
- 100% engagement on all projects presented for approval at Investment Management Committee
- Providing security requirements for every approved engagement, based on company policies, security standards and best practice.
- Working closely with project teams and business stakeholders to ensure risks within project solutions are identified and managed to point of closure (before being introduced into production).
- Responsible for identifying the need for, and managing arrangements of, penetration testing within project lifecycles - also working with all parties post pen testing to ensure issues are remediated in a timely fashion.

ABOUT YOU:

- At least five years' experience of managing/performing information security consultancy / risk assessment of business systems
- Strong understanding of security consultancy or application security and infrastructure security
- Strong understanding, and recent experience, of web application security, OWASP top 10, common security threats and how to defend against such threat vectors
- Recent experience of security for business systems and common IT infrastructure
- Experience in structured risk management process/methodology (CRAMM, OCTAVE, ISO27005 or equivalent risk management methodology) is essential.
- Experience of Information Security best practices, policies and structured security frameworks such as ISO27001
- Experience of operating within an ISO27001 certified environment
- Experience of working within Financial Services or similar heavily regulated business is necessary
- CISSP or CISM security qualification or equivalent experience
- Strong people skills with the ability to identify the need for, and build strong relationships with, key internal and external stakeholders
- Capable of making complex security issues simple to understand for all audiences.
- Thorough analytical, problem-solving and risk management skills

This is a rare opportunity, apply now for immediate consideration or call Jack Bennion on ************* for more details.