Information Security Consultant

Posted Today by Lorien

Negotiable
Undetermined
Remote
London Area, United Kingdom

Summary: The Information Security Consultant is responsible for managing a portfolio of change activities to integrate Secure-by-Design principles within an organization. This remote role requires collaboration across various business and technology areas to effectively manage and mitigate cyber risks. The consultant will serve as the primary contact for InfoSec relationships and ensure alignment with security requirements throughout change initiatives. The position demands expertise in multiple security domains and a strong understanding of risk assessments and compliance frameworks.

Key Responsibilities:

  • Manage InfoSec relationships with assigned change portfolio and act as the primary point of contact.
  • Identify the need for additional InfoSec expertise from Security Architecture, Design, or Engineering and facilitate engagement.
  • Provide security requirements and guidance to change activities to ensure alignment with Secure-by-Design principles.
  • Ensure Threat Modelling is implemented across relevant programs, projects, and engineering efforts.
  • Collaborate with Governance, Risk, and Compliance (GRC) teams to monitor risks, compliance, and assurance within the portfolio.
  • Align with Security Culture teams on messaging and culture initiatives targeted at relevant stakeholders.
  • Contribute actively to team objectives and tackle challenges collaboratively.

Key Skills:

  • Expertise in at least two security domains from the following: Application Security, Network Security, Infrastructure Security, Cloud Security, End-User Compute Security, IoT and ICU Security.
  • Strong understanding and experience with risk assessments and compliance frameworks.
  • Minimum 5 years in technology roles, with at least 2 years in security engineering or a similar security-focused role.
  • Proven ability to work cross-functionally and manage complex security change portfolios.
  • Desirable Qualifications: Microsoft/Azure Architecture certifications, British Computer Society Diploma, Professional security certifications such as CISSP, CISM, CRISC, CGEIT, CCAK, CCSK, or CCSP, Degree in Computer Science or Cybersecurity.

Salary (Rate): undetermined

City: London

Country: United Kingdom

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Job Title - Information Security Consultant

Position - Remote with infrequent site visits

Location - London, UK

Employment - Contract

Duration - 6 Months

Years of Experience - 5 years

Role Summary

The Change Portfolio Manager is responsible for managing a portfolio of change activities to embed Secure-by-Design principles into all initiatives. This role involves cross-organizational collaboration across multiple business and technology areas to support the mission of managing and reducing cyber risks effectively.

Key Responsibilities

  • Manage InfoSec relationships with assigned change portfolio and act as the primary point of contact.
  • Identify the need for additional InfoSec expertise from Security Architecture, Design, or Engineering and facilitate engagement.
  • Provide security requirements and guidance to change activities to ensure alignment with Secure-by-Design principles.
  • Ensure Threat Modelling is implemented across relevant programs, projects, and engineering efforts.
  • Collaborate with Governance, Risk, and Compliance (GRC) teams to monitor risks, compliance, and assurance within the portfolio.
  • Align with Security Culture teams on messaging and culture initiatives targeted at relevant stakeholders.
  • Contribute actively to team objectives and tackle challenges collaboratively.

Collaboration

Work closely with:

  • Business Engagement teams
  • InfoSec departments including Security Engineering, Architecture & Design, Transformation, Governance, Risk & Compliance, and Security Operations Center (SOC)
  • Technology and business teams such as Workplace Technology, Cloud Platform, and Development teams

Required Skills and Experience

  • Expertise in at least two security domains from the following: Application Security, Network Security, Infrastructure Security, Cloud Security, End-User Compute Security, IoT and ICU Security.
  • Strong understanding and experience with risk assessments and compliance frameworks.
  • Minimum 5 years in technology roles, with at least 2 years in security engineering or a similar security-focused role.
  • Proven ability to work cross-functionally and manage complex security change portfolios.

Desirable Qualifications

  • Microsoft/Azure Architecture certifications
  • British Computer Society Diploma
  • Professional security certifications such as CISSP, CISM, CRISC, CGEIT, CCAK, CCSK, or CCSP
  • Degree in Computer Science or Cybersecurity