Specialist in product security for TIAA focused on maintaining security throughout product lifecycles. Engaging in product development, vulnerability analysis, and team collaboration.
SS
Hybrid Information Security Consultant
Posted 18 hours ago
About the role
- Information Security Consultant at Smartdesc providing strategic security guidance and support for customers. Overseeing security projects and improving clients' security posture effectively.
Responsibilities
- Work with Smartdesc customers providing strategic Information Security guidance, support and roadmaps, driving continuous improvement in their security posture.
- Identifying and overseeing a variety of security projects, including helping our customers to implement security controls.
- Assessing against industry good practice, creating assessment reports to deliver to Senior Leadership Teams and improving organisations security position.
- Customer facing requiring a keen eye for detail and proven ability of delivering Information Security good practice.
- Identifying steps that organisations need to take to improve their security position and creating roadmaps for continuous improvement.
- Alignment of good practice frameworks and standards such as Cyber Essentials, NCSC CAF and ISO 27001.
- Ownership or oversight of key Information Security processes and procedures.
- Implementation and ownership of Information Security Risk Management programmes.
- Identifying and managing remediation actions to reduce risks.
- Ownership or oversight of Information Security Policies.
- Development and Implementation of general and role/function specific Information Security Training and Awareness programmes.
- Raising, investigating and managing or supporting IT Security incidents ensuring any necessary follow up actions.
- Providing IT security support to business functions including digital teams, IT infrastructure and IT Service Desk.
- Development and ownership of the Information Security Internal Audit programmes.
- Oversight of rolling programmes of security tests, reviews and audits.
- Writing Information Security reports and delivering the findings to key stakeholders.
Requirements
- Knowledge and experience with technology, security and DP related compliance, legal & regulatory frameworks and standards, including Cyber Essentials, ISO27001, PCI DSS, OWASP, GDPR etc.
- Knowledge and experience of the Microsoft stack. Purview experience is beneficial.
- Ability to demonstrate expert knowledge and understanding of information security good practice.
- Experience in working with technical and non-technical business personnel at various levels, articulating security risks in a manner appropriate to the stakeholders.
- Strong attention to detail.
- Knowledge of Information Security principles and concepts and knowledge of technical security controls.
- Previous consulting experience to SMEs, non-profits or educational settings would be preferred.
- A positive can-do attitude and a self-starter who can work under their own initiative.
- Information Security certifications such as CISSP or CISM are beneficial as are Microsoft certifications especially from the SC series such as the SC-400/401.
Benefits
- Gym membership contribution
- Health Cash Plan
- Increased annual leave with length of service
- Free annual leave on your birthday
- Length of service bonus
- Flexible working hours
- Hybrid working
- Free Will Writing service
- Life Insurance
- And much more!
Job title
Job type
Experience level
Salary
Degree requirement
Location requirements
Cyber Security Engineer designing and developing cybersecurity tools and solutions for ADI Global Distribution. Role involves secure software development and cloud engineering to ensure cybersecurity integrity.
Cyber Security Engineer focusing on secure software development and cybersecurity solutions for ADI Global Distribution. Engaging with an international team to enhance software integrity and security practices.
Head of IT, Security & Compliance ensuring the IT infrastructure and compliance at CameraMatics. Leading security initiatives and regulatory obligations in a hybrid work setting.
Security Officer conducting interior and exterior patrols to ensure safety and monitor access in data centers. Collaborating with clients and performing various security duties.
Managing Director for Security and Resilience at Edison Electric Institute overseeing security and resilience operations for electric power system. Leading a team of experts in national security and regulatory processes.
Head of AI Security at Absa developing security frameworks for AI systems. Responsible for safeguarding AI platforms against cybersecurity threats and ensuring secure development practices.
Security Officer responsible for armed security at the Arizona State Courts Building. Patrolling, monitoring security systems, and ensuring safety during shifts, holidays, and weekends.
Senior Security Engineer managing Privileged Access Management solutions for ZEISS. Engineering and supporting PAM ecosystem, with a focus on BeyondTrust Password Safe, and ensuring reliable service delivery.
Principal Technology Risk & Control Officer managing technology risk assessments and controls at Northern Trust, a leading financial institution. Collaborating across multiple technology domains to ensure alignment with business objectives and regulatory expectations.