Excellent opportunity for a Information Security Consultant – QSA to join a highly regarded cyber security consultancy who have been thought leaders in the information security sector since 2009. In this challenging, yet highly rewarding role you will work with some of biggest household brands helping to shape the infosec systems that protect millions of consumers.
Information Security Consultant – QSA
Remote Based Plus Client Visits
Up to £80,000
We have an exciting opportunity for an experienced Information Security Consultant QSA to deliver information audit, risk, security and compliance consultancy to our varied client base across the retail, insurance, financial services and telecommunication sectors. The role will be based from home with travel to client sites and our Central London offices near Liverpool Street Station as required.
We are looking to add to our team of respected Information Security Professionals during this exciting time of growth. Ideal candidates will be an existing QSA professional and ideally possess experience of leading, implementing or auditing Information Security Standards such as ISO 27001. The role will involve both leading improvement projects and conducting security audits. Utilising your thorough commercial and technical understanding of information security frameworks, eco-systems and security standards, you will offer value-add advice and solutions to our clients to support our continued growth.
+ Undertake information security gap analysis and audits against established standards and regulations such as PCI DSS, ISO 27001, Cyber Essentials and Cyber Essentials Plus
+ Analyse findings and translate needs into actionable recommendations
+ Write and present detailed findings and recommendations reports, providing added value and thought leadership
+ Create and review information security policies
+ Chair information security committee meetings with clients if required
+ Participate in lessons learned exercise to create recommendations for improving future engagements
+ Represent the business as thought leaders and as a centre of excellence at industry events and special interest groups
+ Leverage existing industry relationships and knowledge of industry challenges to further business development
+ Work with clients to ensure security strategies are aligned with their business objectives
+ Support the Account Managers by participating in periodic account reviews to create and review account strategies
+ Support the sales effort by participating in periodic account reviews with Account Managers to create personalised client plans
+ Continually evolve and extend our ‘circle of friends’ such that positive experiences, the breadth of skills, professional approach and flexibility is recognised and shared
+ Support the business in meeting its vision, goals, targets and objectives
+ Identify additional client needs and opportunities and refer them to the Business Development Team as required
+ Support the departmental head in authoring appropriate thought leadership papers, articles, online posts, and marketing materials
+ Support marketing events and presentations as required
Skills and Experience:
Essential Skills and Requirements:
+ Commercial and technical understanding of information security frameworks and eco-systems
+ Experience at leading, implementing or auditing information security frameworks
+ Good working knowledge of common security standards such as PCI DSS, ISO 27001, Cyber Essentials/Plus and GDPR
+ Be an existing QSA and have proven experience of delivering PCI audits for a number of clients at both a RoC and SAQ level
+ Knowledge of at least one risk assessment methodology
+ Understanding of the range of technical controls available to protect the Confidentiality, Integrity and Availability (CIA) of data
+ Understand customer environments and be able to work with both technical teams and senior management to identify issues and risks
+ Excellent customer relationship skills, creation and presentation skills
+ Awareness of common attack vectors such as hacking, malware, DDoS etc.
+ Knowledge of common application vulnerabilities and mitigation approaches
+ A commitment to personal development and keeping a current knowledge of the security industry threats and best practices
+ QSA in good standing
What we offer:
We offer a competitive salary and benefits, continued development and the opportunity to work in a supportive and pragmatic culture. Working as part of an established and thought-leading Consultancy will allow you to make a real impact on the service provision to our clients and the growth of our business, which in turn will lead to future career progression opportunities for our outstanding talent.
25 days holiday, pension, cycle to work scheme, training and development, after 6 months life assurance and private medical insurance
We are an information audit, risk, security and compliance company supplying professional services across a broad range of sectors. The Company was initially formed in 2008 to specialise in payment security and has since grown organically into a highly respected thought-leading information risk, cyber security and compliance consultancy.
By combining creative thinking, selective hiring, passionate vision and exceptional service, our small and highly experienced team provides a commercially balanced blend of strategic and tactical advice, technical assessments and assurance & audit services. We supply to companies across many sectors including retail, insurance, financial services and telecommunication.
Given our ability to generate recurring revenue over multi-year client contracts and the success of our compliance management platform, we have set ambitious annual growth targets of 30% each year for the foreseeable future.
Interested? Apply here for a fast-track path to the Hiring Manager
If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.