Location: London (remote working up to 3 days per week)
My client is an established leader in the risk consulting market and is now offering this opportunity to join the company as a Technology Risk Assurance Consultant.
Working across disciplines, technologies and geographies, everything my client does is based on the belief that qualified risk-taking is essential to their clients' success.
My client provides his customers with the vision to focus resources and prepares them to address and resolve crises and minor issues that arise in any large organisation.
MAIN TASKS AND RESPONSIBILITIES
- Ability to independently schedule, monitor and ensure the completion of pre-defined information security questionnaires and related assessments.
- Able to work collaboratively with teams from other disciplines, within the overall organisation, as well as with suppliers and customers.
- Can manage complex concurrent activities under tight deadlines.
- Able to work under pressure to deliver good quality assessment reports.
- Can perform on-site and/or remote third party security assessment of critical suppliers to business units that transmit, process or store sensitive data.
- Work with existing and new suppliers to confirm exit strategy, data retention and data return measures.
- Manage back-office functions and activities, including assurance scheduling, reporting and remediation management for agreed suppliers.
- Assist the team in a continuous improvement regime.
- Resource for a defined set of suppliers whilst working as part of a global team to provide advice and guidance on supplier data security.
- Be prepared to travel occasionally to conduct assessments (includes UK and international).
QUALIFICATIONS AND SKILLS
- Any technology certification, or equivalent experience.
- Desirably, any recognised security certification such as CISSP, CISA, CISM, ISO/IEC 27001 Lead Auditor, CCSK or CCS, or equivalent experience.
- Bachelor's degree, or similar academic qualification.
REQUIRED EXPERIENCE AND KNOWLEDGE
- At least 2 years' experience in performing technology analysis, IT audits, business analysis, information security assessments or audits.
- Ability to prepare audit and/or risk assessment reports, with standard risks and recommendations.
- Good working (non-technical) knowledge of key technology and security areas (e.g. authentication, service management, BCP, physical, GDPR/data protection).
- Good communication, influencing and negotiation skills.
- Experience in a similar risk assessment or analysis role for a complex global organisation.
- Personal impact: Inspires and builds trust in relationships generating commitment and support.
- Customer-focused: Delivers on commitments and ensures that others do the same - reliable and accountable.
- Solution-focused: Seeks constant improvement, giving honest feedback.
Individuals are given direct responsibility (with the appropriate level of authority to make the right decisions), excellent career development opportunities and the chance to work collaboratively on exciting projects in a rewarding and inclusive global environment.
All employees are expected to exhibit behaviours that reflect my client's values and organisational culture: Integrity and ethics, collaboration and teamwork, commitment to people, professionalism and excellence.