Information Security Specialist

Channel Isles - Onsite
This project has been archived and is not accepting more applications.

Description

A leading financial services firm is looking to hire an experienced Information Security Specialist.

The role will ideally be based in Guernsey in the Channel Islands; however, they would consider individuals based in the UK (preferably London) who are willing to travel to Guernsey a couple of times a month.

Role Overview/Purpose
The Information Security Specialist is required to assist in the successful delivery of the Information Security Strategy Project within the company.

The role involves:
* Implementation of components of the Information Security Strategy Project (ISSP) and initiatives prior to the recruitment of a CISO
* Agree deliverables of the ISSP for 2015 with the project manager and Head of Information Security (HOIS), according to the ISSP, which has already been agreed by the management group
* Deliver agreed deliverables on time and within budget, unless specifically agreed in writing prior to target dates.
* Monitor and report on project delivery, escalating identified risks and issues to the project manager.
* Identify risks and issues and provide solutions to mitigate them
* Deliver components of project to ensure an ISMS consistent with ISO27001, in preparation for future ISO27001 certification.
* Ensure deliverables include assurance mechanism and BSC reporting
* Ensure the project delivers a reduced likelihood of an Information Security breach so the related risk is more comfortably within the firm's risk appetite.
* Utilise Information Security market skills to recommend solutions as required for the ISSP and appropriate to the size of the company, and where necessary follow up with business case justification and management of the tendering process.

Role requirements and accountabilities
Relationship Management:
* Reporting to the project manager and HOIS to manage and deliver the components of the ISSP
* Relationship management, with guidance from HOIS, with senior stakeholders within the firm to ensure alignment of solutions with business function and the necessary engagement with project initiatives
* Provide information security awareness training and education to ensure Information Security culture is enhanced and further embedded within the firm's culture.
* Monitor and report on project delivery, escalating identified risks and issues to the project manager.

Business Requirements:
* Good knowledge of threat feeds and their integration into a business environment.
* Good knowledge of SIEM systems with experience of building a business case and successful integration into the business environment.
* Develop and maintain Policies and Standards as necessary for the project
* Check and maintain internal control mechanisms. Report and act on risks and issues arising.
* Perform routine and non-routine security checks on systems as deemed necessary, and report accordingly
* Provide recommendations and advice on maintaining a secure computing and information management environment.
* Perform project components of user awareness with respect to Information Security for the Group

Teamwork:
* Work within relevant teams and with stakeholders and other staff to successfully deliver the ISSP.

Business/Market Knowledge:
* Strong background and understanding of working in the Finance industry and being able to communicate with senior staff in the respective business areas.
* Proven experience in a similar environment, including evidence of successfully implementing Information Security initiatives.

Internal Control:
* Identification and assessment of information security risk
* Assist in the definition and implementation of internal security controls to meet policy, legal and regulatory requirements.

Regulatory:
* Follow best practice within the regulatory framework, suitability, conduct risk and Treating Customers Fairly principles
* Meet ongoing suitability and conduct requirements at all times
* Understand and apply internal Risk and Compliance policy, process and procedures

Essential Skills:
* Demonstrable experience of successfully project managing ISO27001 ISMS implementation within a similar sized or larger organisation
* Management Report Writing
* Background of working with finance applications in either a user or support role
* Experience of delivering Information Security solutions satisfying various audit/certification standards: PCI DSS, ISO27001 certification.
* Good understanding of at least two of the following: Active Directory structures and NTFS file permissions, Microsoft Server and management of access rights or Firewall management.

Essential Qualifications:
* CISSP or CISM
* Experience in a financial services, information security or IT environment
* Meticulous and methodical approach to administrative and regulatory/audit related procedures
* 3 or more years' experience in Information Security

Desirable Qualifications:
* Knowledge of banking processes and workflows
* Basic knowledge of ITIL and COBIT
* Training and experience of PRINCE2 principles or similar.
* Experience of creation and presentation of reports at board level

Start date: ASAP
Duration: 6 months
From: Harvey Nash IT Recruitment UK
Published at: 19.08.2015
Project ID: 968276
Contract type: Freelance