Information Security Risk Consultant - Cheltenham, Gloucestershire, United Kingdom - InfoSec People Ltd

    InfoSec People Ltd
    InfoSec People Ltd Cheltenham, Gloucestershire, United Kingdom

    2 weeks ago

    Default job background
    Description

    Role:
    Senior Cyber Security and

    Information Assurance Consultant Location:
    Gloucestershire

    Working Preference:
    Hybrid - Remote (Client Sites 1-2 days a week)
    company pension, 25 days holiday, life assurance, learning and development support)

    Please note that to apply for this role, you must hold a British Passport and have lived in the UK for a continuous period of 5 years or more.

    InfoSec People are delighted to be working with our client, a leading security consultancy based in the South West, who have a Senior Cyber Security and Information Assurance Consultant.

    Provide security advice and guidance for clients in 'business as usual', technical refresh and new project environments.


    • Identify client Cyber Security and Information Assurance (CS&IA) risks within client operational environments and determine appropriate remediation based on business risk appetite that protects information assets from loss, misuse, leakage or corruption.
    • Create or review client security and information assurance policies and procedures to meet corporate and regulatory requirements.
    • Work in partnership with clients to implement cyber and information security controls in pragmatic ways that deliver investment value and support business operations.
    • Ability to provide technical Cyber and Information Security assurance risk management and solutions within complex scenarios.
    • Ability to conduct, deliver and maintain technical security risk assessments using established or novel approaches.
    • Ability to work on multiple projects and tasks concurrently, successfully balancing business and client priorities.
    • Ability to work effectively both individually and as a senior team member in a multi-disciplined organisation.
    • Ability to coordinate and manage multi-disciplined Cyber and Information Security resources including technical specialists, while providing coherent reporting to non-technical business stakeholders.
    • Ability to provide threat detection and monitoring technologies and services.
    • Ability to produce Cyber and Information Security incident response plans and coordinating desktop incident response exercises.
    • Broad knowledge and application of common Cyber and Information Security bodies, standards, frameworks, guidelines and legislation (e.g. InfoSec People values diversity, equity, and inclusion (DE&I).