Job Details

Click here to become a registered jobseeker.

Information Security and Risk Consultant

Leeds, Yorkshire, United Kingdom, £ £ 55000.00-60000.00 Annual Annual, Permanent


Information Security and Risk Consultant - Leeds

My financial services client are looking for an Information Security and Risk Consultant.

Role Responsibilities:

  • Collaborate with stakeholders to identify, assess and treat internal and third party information risks; tracking the risks and the associated controls.
  • Manage, develop, and maintain the information risk register, information asset register, and support continuous improvement and maturation of information security risk management processes
  • Manage and mentor Lead Information Security and Risk Analysts
  • Provide advisory support to business function and IT teams in understanding risk and security considerations of business operations, new projects, and third party suppliers.
  • Ensure that the security requirements for new and change business projects are defined, based on the assessment of risk within the framework provided by Group Policy
  • Assist IT teams in defining and executing action plans to implement controls
  • Monitor compliance with the agreed controls on a regular basis
  • Manage and maintain reporting of control/compliance progress
  • Support internal and external audits to ensure their success.
  • Contribute to the definition and maintenance of a practical and comprehensive Risk Assessment methodology, with supporting tools where appropriate
  • Control and manage assurance monitoring and tracking, including the retention of adequate records.
  • Schedule information risk and compliance audits, review the outcomes audit process; direct compliance issues to appropriate resources for investigation and resolution
  • Ensuring IT and Information Security risks are captured and articulated
  • Ensuring that appropriate controls assurance, compliance and reporting activities are conducted to enable effective identification and management of related issues and exceptions
  • Ensuring reviews of IT and information risk controls are undertaken, oversee related remedial activities and make recommendations to management in order to make IT and information security controls more robust
  • Additionally provide input into regulatory and governance returns, input into audit activities and management of resulting actions

Skills/Competencies Required:

  • Risk Management Framework experience (IRAM, CRAM etc.)
  • Experience of Policy and Standards writing and management
  • Knowledge of security related products, Information Security Management Systems and security/risk strategies
  • Proven information security and cloud based systems risk management experience.
  • Experience of security controls both within cloud environments and on premise.
  • Experience in the following areas: Information Security, IT Audit, supplier security assessments, working within a control framework
  • Strong knowledge of ISO series of standards, PCI DSS and GDPR
  • Knowledge of Cybersecurity Frameworks such as CIS Critical Security Controls, OWASP, Cloud Security Alliance etc.
  • Good knowledge and understanding of software development life cycle and its implications on BAU service.
  • Have excellent relationship management skills and able to influence business and IT stakeholders.
  • Experience of working within a complex and dynamic business environments.
  • Critical thinking skills with strong attention to detail and follow up.
  • High degree of professionalism and personal integrity.
  • Ability to work with a high degree of independence.
  • Excellent documentation skills (process, control, policy, and risk documentation)
  • Proven experience implementing and delivering discipline in controls, in an organised manner.
  • Ability to learn quickly and apply risk/control considerations, whilst being mindful of business process impact.

Job Details

Not Specified
Leeds, Yorkshire, United Kingdom
£ £ 55000.00-60000.00 Annual Annual