Senior Information Security Specialist
6 month contract - to start immediately
£580/day Ltd - £670/day Umbrella in scope of IR35
Based in Milton Keynes
Our client is looking for someone to provide and deliver information and IT security and information risk management professional services across their business and to assist in ensuring that the confidentiality, integrity and availability of information assets, systems and services is managed to an acceptable level of risk at all times whilst complying with legal and industry regulations.
What you will need:
* You will need to have experience at a high level with MS 365 as this is the project you'll be working on.
* Need to understand all the security behind it and Azure stack. Need to have good communication skills as will be working remotely the majority of the time.
* Relevant technical degree and or certification(s) e.g. CISSP, CISM, CRISC
* Good understanding of the Data Protection Act and General Data Protection Regulation (GDPR)
* Knowledge of information security management systems e.g. ISO27001
* Experience of information security management and/or consulting in a complex technology environment.
* Experienced in developing information security requirements for programmes and projects as well as reviewing the security aspects of programme and project briefs, business requirements, solution designs, test plans and results.
* Knowledge and experience of undertaking risk assessments and business impact assessments.
* Knowledge and familiarity of vulnerability assessments and penetration testing.
* Experience of information security programme and project governance.
* Comfortable in delivering presentations to technical and non-technical stakeholders.
* Proficient in the use of Microsoft Word, Excel and Powerpoint.
* Basic understanding of the Common Safety Method and the ITIL Framework
* Support and deliver a security assurance framework for Information Technology systems, services and assets.
* Provide security accreditation activities to determine that new and proposed information systems, services and assets are secured by design and effectively evaluated for safety against defined safety management processes.
* Engage with the National Supply Chain to ensure that appropriate information security due diligence is undertaken against third party suppliers including procurement activities where appropriate.
* Build strong relationships with internal programme and project teams to obtain security governance deliverables including Business Impact Assessments (BIAs), security requirements, risk assessments and security testing, including attending programme and project meetings and workshops to provide security advice and guidance.
* Plan and coordinate vulnerability assessments and penetration tests of applications and infrastructures when required, interpret the findings and ensure appropriate actions are taken to mitigate any significant findings.
* Work with information asset owners, business system owners and technical stakeholders to collaboratively identify the information security and safety risks that new and proposed information systems, services and assets represent and defining appropriate controls to manage those risks to an agreed level of tolerance through the whole life of the asset.
Contact us now on (phone number removed)
To apply for this position and for a full job description contact Linda Davison by emailing your C.V to l i n d a . d a v i s o n
The partnering concept promoted by Vital means that we work together with candidates and clients
to achieve your career and recruitment objectives. For clients the result is cost effective, culture-compatible solutions that make staff selection, recruitment and retention far easier.
For candidates it means a personal and professional relationship that will help you through every stage of obtaining your ideal job and pursuing your career goals.
Our commitment to both candidates and clients is equalled only by our professionalism and dedication to providing the best possible service