I focus on delivering IT staffing solutions to our high-profile clients, on a contract basis. I cover a wide range of roles across a variety of corporate clients, using my expertise to quickly source the ideal candidate.
Security Risk Consultant
Job Description: Security Risk Consultant
6 months +
This role is to support the Information Security Risk & Compliance Manager to improve and deliver a robust information security risk and compliance governance and management framework and associated processes to meet the business, legal and regulatory obligations and deliver the information security strategy.
This role will be responsible for identifying, assessing and evaluating risks to enable the execution of the enterprise risk management strategy.
* Improve and maintain an information security governance framework (specifically leading key IS third party suppliers) to guide activities that support the information security strategy
* Effective delivery of the PCI DSS, FCA and Smart ISMS strategies and assurance of on-going compliance across all sales channels, processes and systems
* Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements
* Conduct (internal / external) reviews through the Audit lifecycle e.g. contributing to ToR definition / sign off, cycle planning and coordinating fieldwork across IS teams
* Support 2nd and 3rd line of defence with ITGC, FCA, CSL and financial audits
* Responsible for own performance management activities, inputting to defining objectives and KPIs, and carrying out annual performance reviews with line manager
* Prepare supporting material including reports and updates for senior audit, compliance, operational, legal, regulatory risk and control boards, committees, steering groups and forums
* Maintain information security governance into corporate governance to ensure that organisational goals and objectives are supported by the information security program.
* Collect information and review documentation to ensure that risk scenarios are identified and evaluated.
* Identify legal, regulatory and contractual requirements and organisational policies and standards related to information systems to determine their potential impact on the business objectives.
* Identify potential threats and vulnerabilities for business processes, associated data and supporting capabilities to guide in the evaluation of enterprise risk.
* Improve upon and maintain a risk register to ensure that all identified risk factors are accounted for.
* Industry exposure to emerging risk and threat landscape
* Understand both the external market place and internal political environment
* Technical information security skills
* Exceptional communication and interpersonal skills
* Ability to build robust relationships and to interact at all levels
* Ability to have a high level view of risks associated with control activities
* Ability to put complex issues in simple terms
* Ability to understand business issues and the impact on the business areas of proposed new control processes
* Strong analytical and problem solving skills
* Strong planning and organisational skills
* Strong impact, influencing and negotiating skills, at all levels
* Ability to work under pressure and cope with competing demands
Further details will be given on application for this excellent opportunity at one of the UK's leading organisations. Please note that all candidates must be willing to undergo a Basic level Disclosure Scotland (CRB) and a Credit Check as part of the recruitment process for this vacancy.
This vacancy is being advertised by Advanced Resource Managers. ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions.
Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Advanced Resource Managers IT Limited operates & advertises as an Employment Agency for permanent positions and as an Employment Business for contract/temporary positions.