GRC Consultant - Governance, Risk, Compliance - Information Security

17 May 2017
16 Jun 2017
Contract Type
Full Time

GRC Consultant - Governance, Risk, Compliance - Information Security


Home Based - Clients in London & Home Counties

£50,000 to £60,000 + Excellent Benefits Package

One of the UK’s most progressive IT Security Consultancies is seeking a GRC Consultant to ensure consultancy requirements are delivered through projects and change initiatives are implemented for clients and partners. The GRC Consultant join an existing GRC team, with responsibility across multiple service delivery functions. The GRC Consultant will drive delivery, standardisation and assurance across all project functions in the field of information security consultancy. The role will be based from home but with travel to London and Home Counties frequently. There will be international travel to Company offices in Europe and the US.

Main Tasks & Responsibilities:

> Effective communication with internal and external stakeholders across the Company’s client portfolio to ensure Information Security capabilities are articulated and understood in a technical support role.

> Assist the sales team in pre-sales capacity in understanding technical requirements, facilitating consultancy engagements that meet both business needs of the Company and its clients.

> Effective introduction of the beneficial security risk outcomes for clients in line with their business and risk appetite, using the range of consulting capabilities.

> Ability to communicate information security threats and their impact to clients at all levels in technical and layman terms.

> Support the Senior Information Security Manager, assist with the analysis of requirements and design of clients’ information security posture, as well as Legal, Regulatory and Scheme security requirements.

> Support the team in delivery of work streams for clients in compliance standards such as PCI DSS, ISO27001, EU GDPR and incident management disciplines.

> Assist with the execution of 3rd party security reviews to ensure controls are appropriate and in line with the required standards, as well as Legal, Regulatory and Scheme security requirements.

> Provide support and assistance to the wider business with the maintenance of Information Security and Compliance internal projects (e.g. CREST, ISO27001).

> Research and evangelise new ideas and concepts for the business that will enhance and fortify the service offerings for the team.

Essential Skills & Experience

# Proven ability to make sound pragmatic decisions and judgements under tight timelines.

# 3- 5 years’ experience in IT Governance, Risk & Compliance # Ideally will have a CISSP, CISA or CISM qualification

# Excellent analytical and communication skills, self-driven and able to work independently as well as part of a team

# Strong stakeholder engagement skills with the ability to connect and communicate at all levels across the organisation.

# Ability and capacity to absorb large volumes of information and articulate a solution in a verbal and written format.

# Experience of risk management principles and associated methodologies.

# Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way both internally and externally

# Proven ability to make sound pragmatic decisions and judgments under tight timelines.

# Previous experience in being part of a team within an Information Security function.