InfoSec, Risk and Compliance Consultant - ISO 27001, PCI DSS

Apollo Solutions
London (Greater)
10 Feb 2018
15 Feb 2018
Contract Type: Full Time
Information Security, Risk & Compliance Consultant - Global eCommerce Company - ISO 27001, PCI DSS

Do you want to be part of a growing fast-paced and ambitious team, enjoy strong career progression opportunities, a buzzing work environment, and great salary and bonus?

Are you an Information Security, Risk & Compliance Consultant who knows the ins and outs of ISO 27001 and PCI DSS (Payment Card Industry Data Security Standard)?

Then do continue reading.

As an Information Security, Risk & Compliance Consultant, you will be reporting directly into the IS, Risk & Compliance Lead.

*Assist and support Cybersecurity Team workstreams and activities as required
*Produce, review and contribute to information/cyber security policies and standards
*Liaise with other teams/functions to ensure that data and systems are adequately protected and appropriately monitored
*Liaise with 3rd parties that may store sensitive data on behalf of the company, ensuring that the data is stored and monitored appropriately
*Conduct regular and ongoing monitoring of and reporting on enterprise-wide compliance with information security standards and policies
*Assist and/or manage internal and external audits (e.g. of suppliers) as required
*Manage, track and monitor corrective action plans for security audit findings, standards exceptions and control deficiencies

Key KPIs:
*Achievement of the security standards agreed with the IS, Risk & Compliance Lead
*Appropriate security governance processes are implemented and adhered to
*Appropriate security policies and practices are implemented and adhered to
*Appropriate security technologies as defined in the strategy are implemented successfully
*Mitigate known security risks; avoid the avoidable incidents / breaches

*At least one industry-recognised Information Security certification, e.g. CISSP, CISA, CISM or ISO 27001 Lead Implementer/Auditor
*Previous experience in a governance, risk and compliance (GRC) role
*Previous experience of using GRC tools
*Strong technical skills relevant to Information Security, such as data encryption, secure data transmission, secure data consumption and risk analysis
*Familiarity with Information Security industry standards/best practices and relevant regulations (e.g. PCI DSS, ISO 27001, NIST, COBIT)
*General knowledge of applicable data privacy practices and laws
*Strong understanding of security technologies and best practices

Base salary on offer is up to £60K (potentially more if you tick all the boxes), plus a £5.5K flexible benefits package (cash), pension (7% from you and 7.5% from the company), 10% bonus, 26 days' holidays (1 day for your birthday). Also: great development programmes, amazing offices and great culture, subsidised gym and canteen, huge staff discount, life insurance, medical care, cycle to work scheme, etc.
