Senior Information Security Consultant

This job has now expired please search on the home page to find live IT Jobs.

Our client, a well known organisation within the UK, are looking for an Information Security Analyst to help ensure that IT projects are delivered securely, protecting client and employee data.

Duties & Responsibilities of the Senior Information Security Consultant

- As an Information Security Analyst, work on a number of projects under the supervision of Senior Analysts/Information Security Projects Assurance Lead

- Provide end to end engagement on a wide range of IT projects ensuring that security is built in, they deliver securely and client and employee data is protected

- Attend Programme/Project meetings and represent Information Security, giving advice as required

- Review architectural and design documents including Solution Outline Documents, Detailed Designs, Network Diagrams, Data Flow Diagrams etc.

- Define Security Non Functional Requirements for each project and ensure that they are fulfilled prior to going into service

- Ensure the relevant technology standards are applied to specific projects

- Produce resource estimates for Information Security engagement on projects and record your time on the current resource management tool

- Manage external resources to ensure that penetration testing is carried out to a suitable standard on time and within budget

- Scope and manage Penetration Testing including the production of a plan to remediate vulnerabilities identified during any tests in a timely manner

- Responsible for ensuring that any vulnerabilities identified are processed in accordance with the latest Information Security Risk Management process including; risk analysis, identifying and applying appropriate controls, recording, reviewing and approval

- Articulate risk in technical and non-technical terminology so that it can be interpreted by IT and Business individuals alike

- Carry out PCI impact assessments on projects where appropriate

- Assess the current technology infrastructure to identify information security and compliance risk areas and recommend controls to address those risks

- Escalate any issues to the Information Security Project Assurance Lead where appropriate

Desired Skills & Experience of the Senior Information Security Consultant

- An Information Security qualification e.g. CISSP or CISM; CISA or CEH or equivalent desirable but not essential

- Computer Science degree and/or MSC in Information Security desirable but not essential

- Working knowledge of different delivery methodologies including Waterfall, Agile and Hybrid

- Experience of risk management

- Knowledge and skills to manage Penetration Testing processes and remediation

- Has a broad knowledge and understanding of IT concepts and architectures including Cloud, BYOD, Mobile Device Management etc.

- Proactively takes responsibility, owns any issues arising and follows through to resolve them, recognising how individual responsibility impacts team delivery and inspires others to do the same

- Knowledge of OWASP vulnerabilities, tools and methodologies

- Knowledge of HTTP, SSDLC and Security Testing

- Some knowledge of PCI, DPA and ISO27001