Description
Security ConsultantMy Oil and Gas Client require a Security Consultant to join a team with a current ongoing project
The Security Consultant will implement good Information Security practices within the business and Information Systems (IS) project lifecycle using the Information Security Service Catalogue. Thus ensuring new systems are secure and residual risk is managed effectively.
The skills required
Knowledge and experience of delivering projects using the project life cycle.
Knowledge and experience of risk and information systems control.
Familiarity with industry best practise frameworks and standards such as ISO 27001, NIST and PCI DSS.
Knowledge of relevant legislation, regulation and good practice e.g. Data Protection Act, Financial Conduct Authority and Prudential Regulatory Authority.
At least one professional certification such as, CISSP, CISM, CRISC, or relevant security experience
Able to perform security assessments (e.g. defence in depth, separation of privilege etc).
Experience of scoping penetration tests using third party suppliers.
Experience of working on a large range of project sizes, from a programmes of work, though to small and complex projects