Sr Information Security Advisor/ Business partner
- Posted 23 May 2023
- Salary £80000 - £100000 per annum + benefits + bonus
- Job type Permanent
- DisciplineCyber Security
- Contact NameAshleigh Phipps
Broadgate have partnered with an amazing, growing and up coming consultancy who supports its clients across a multitude of business disciplines and industries. Some of their services include educated tailored security services such as CISO as a service, testing of assets, helping identify, remediate and mitigate business risk against technical vulnerabilities, GDPR advisory, digital forensics, incident response and eDiscovery.
They are passionate about the protection of our clients' data and systems - and achieve this through the delivery of excellent service. Using standard frameworks such as NIST, ISO27001, PCI DSS, CIS their consultants help provide advanced information security knowledge, expertise & best practices in delivering high quality security advisory, assessments, and become a dedicated security partner for our clients.
Their security consultants are all qualified to master's level and above in their area of expertise and hold qualifications such as CISSP, CISM, CEH, CISA, GCIH and ISO 27001 Certified ISMS Lead Auditor. As an Information Security Consultant, you will be responsible for helping clients assess, design and build effective security program. This is an opportunity for you to showcase your strong communication skills and experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs.
What You Will Do:
* Provide guidance to clients on building and/or maturing information security programs * Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
* Implement and/or assess existing security controls in client organisations and advise on improvements where necessary
* Perform assessments against standard frameworks to assess the client security posture
* Provide knowledge of tools and technologies used for enterprise security
* Interface with clients to deliver projects, address concerns and build a relationship with them
* Coach and mentor junior team members to develop a strong robust team from top down
* Consult at Management / C-Level for complex security models and managed services including delivering and presenting to the board on cyber security
* Act as CISO or IT Security manager for clients
* Act as DPO and GDPR manager for clients
* Respond to and manage client cyber security incidents within prescribed SLA's and processes.
* Monitor the external environment to gather intelligence on emerging technologies * Participate or lead in scope of work determination and RFP/RFI responses
* Broaden and use your network to onboard new clients, and develop further relationships with existing clients to increase the company client portfolio and support business development initiatives Qualifications Minimum
* 7+ years' experience in professional information security domains, * Industry background in information security consultancy or similar role is desirable
* A recognised university degree or equivalent, specialising in computer science, information systems, computer forensics, or information security.
* CISSP (Certified Information System Security Professional) certification, Certified Ethical Hacker, Systems Security Certified Practitioner, IT/Computing Certifications (Cisco, Microsoft, Oracle, etc.) and/or Certified Information Systems Auditor accreditation's (desirable) or equivalent
* Experience of security frameworks, such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS ; Understanding and capability to develop and promote Governance and IT Security Frameworks, policies and standards.
* Knowledge of national and European data protection laws and practices including an in-depth understanding of the GDPR. Certification desirable e.g. CIPP/E (Certified Information Privacy Professional/Europe) or CIPM (Certified Information Privacy Manager)
* Experience of information security and information risk management processes and techniques such as application and operation system hardening, vulnerability assessments, penetration testing, security audits, IDS, Firewalls, cryptography, incident response, digital forensics and other areas of security operations etc.
* Understanding of the components that comprise a successful information security program and ability to implement such programs
* Experience in consulting at management level
* Experience in developing and maintaining cyber security road maps to improve the security posture within our clients environment
* Experience in mentoring and coaching a team
* Experience in successfully interfacing with clients and manage expectations
* Broad knowledge of vulnerability scanning, penetration testing, red teaming, and cloud security assessments.
* Knowledge of auditing cloud environments, desirable but not essential (e.g. AWS, Microsoft Azure, Google Workspace)
* Ability to document and explain technical details in a clear and concise manner * A strong understanding of the information security market
* Full Irish driving license
* Fluent in written and spoken English
If you feel you are too Sr or slightly too Junior for the position there is flexibility as the consultancy grows and their practice so feel free to pop your CV over for review and a confidential conversation or email