Description
IT Security Consultant/IT Controls Designer
My Dublin based client currently requires an experienced IT Security Consultant (CISSP, GSEC or CISMP certified) to join their existing team for an initial 6 month contract.
The successful candidate should possess the following:
Background/Purpose of Role:
The IT Security Consultant is responsible designing and/or reviewing solutions and services being introduced to the company, assessing them for any potential control gaps
Key responsibilities:
1. Design security controls for proposed solutions to meet relevant IT Security standards and guidelines
2. Carry out objective assessment of the security aspects of a proposed solution to
- identify all relevant IT Security components
- identify all relevant IT Security standards and guidelines
- identify all designed controls
- identify all required controls
- identify and document where the design introduces risk to the company or compounds an existing risk
- ensure that the documented solution provides appropriate controls which are aligned to the business's control requirements for the data assets being protected
- document and agree gaps and recommendations
3. Assist the IT project teams in securing a managed infrastructure and application penetration testing service to include
- scoping a penetration test in conjunction with the relevant Project Team
- selecting an appropriate vendor to perform a penetration test
- interpreting any identified risks for the project team/business
4. Carry out objective examination and provide a report on the appropriateness of the technical & logical controls implemented and executed by 3rd Party suppliers where that 3rd Party carry out services for the company.
5. Carry out objective examination and assess the appropriateness of mitigating operational controls to be implemented where an element or complete existing technical standard cannot be met due to operational or technical constraint.
6. Schedule and manage External Vulnerability tests, and interpret any identified risks for the project team/business
7. Carry out objective assessment of Firewall change requests to ensure that each change or series of changes to Firewalls:
- Conforms to IT Security policies & Standards
- Identifies where the change introduces a risk to the company or compounds an existing risk
- is aligned to the business's control requirements for the data asset being accessed or transferred as defined by the data confidentiality/integrity/availability classifications.
8. Carry out objective assessment for examining and reporting on the appropriateness of the security controls implemented and executed by a Cloud Service Provider (CSP) where the CSP carry out one or more of the following activities:
- host virtual infrastructure that processes, stores or transmits data (Amazon Web Services)
- host a platform that runs software or services processing, storing or transmitting company data (like Microsoft Azure)
- host software that processes, stores or transmits company data (like Cisco WebEx)
- processes, stores, transmits or displays data that can be linked back to the company
9. Carry out the weekly activities required to manage Restricted Software.
Management Support
- Support Management with the embedding of IT Security culture and behaviours
- Positive and proactive participation within the team and active collaboration with colleagues across the Group as appropriate
Key Requirements of this role:
Skills & Experience
- CISSP, CISMP, GSEC or recognised equivalent.
- Good technical knowledge across a variety of platforms
- Good technical knowledge of network protocols and related technologies
- Experience across a number of relevant IT disciplines
- Strong knowledge of IT Security best practice
- 3rd Level qualification in IT or equivalent experience is preferred
- Some knowledge of information security and risk control frameworks such as COBiT, ISO 27001, ISO 27002
This is an excellent role with a leading client paying strong daily rates for the right candidates. Should you be interested please contact Stephen Daly.