Senior Information Security Consultant
Our client, a well-known organisation within the UK, is looking for an Information Security Analyst to help ensure that IT projects are delivered securely, protecting client and employee data.
Duties & Responsibilities of the Senior Information Security Consultant
- As an Information Security Analyst, work on a number of projects under the supervision of Senior Analysts/Information Security Projects Assurance Lead
- Provide end-to-end engagement on a wide range of IT projects, ensuring that security is built in, that they are delivered securely, and that client and employee data is protected
- Attend Programme/Project meetings and represent Information Security, giving advice as required
- Review architectural and design documents including Solution Outline Documents, Detailed Designs, Network Diagrams, Data Flow Diagrams etc.
- Define Security Non Functional Requirements for each project and ensure that they are fulfilled prior to going into service
- Ensure the relevant technology standards are applied to specific projects
- Produce resource estimates for Information Security engagement on projects and record your time on the current resource management tool
- Manage external resources to ensure that penetration testing is carried out to a suitable standard on time and within budget
- Scope and manage Penetration Testing including the production of a plan to remediate vulnerabilities identified during any tests in a timely manner
- Responsible for ensuring that any vulnerabilities identified are processed in accordance with the latest Information Security Risk Management process, including risk analysis, identifying and applying appropriate controls, recording, reviewing and approval
- Articulate risk in technical and non-technical terminology so that it can be interpreted by IT and Business individuals alike
- Carry out PCI impact assessments on projects where appropriate
- Assess the current technology infrastructure to identify information security and compliance risk areas and recommend controls to address those risks
- Escalate any issues to the Information Security Project Assurance Lead where appropriate
Desired Skills & Experience of the Senior Information Security Consultant
- An Information Security qualification e.g. CISSP or CISM; CISA or CEH or equivalent desirable but not essential
- Computer Science degree and/or MSc in Information Security desirable but not essential
- Working knowledge of different delivery methodologies including Waterfall, Agile and Hybrid
- Experience of risk management
- Knowledge and skills to manage Penetration Testing processes and remediation
- Has a broad knowledge and understanding of IT concepts and architectures including Cloud, BYOD, Mobile Device Management etc.
- Proactively takes responsibility, owns any issues arising and follows through to resolve them, recognising how individual responsibility impacts team delivery and inspires others to do the same
- Knowledge of OWASP vulnerabilities, tools and methodologies
- Knowledge of HTTP, SSDLC and Security Testing
- Some knowledge of PCI, DPA and ISO27001