Description
Technical Information Security Consultant required for a market-leading insurance firm. The focus of the role is to support the security function in providing security services to the business and facilitating Information Security strategic change. You will be aligned to an MS Office 365 Strategic programme for the delivery of threat modelling and consultancy support.
Responsibilities:
- Knowledge of threat modelling creation, reporting and secure architecture methodologies
- Knowledge and experience of Office 365 reference architectures and services
- Knowledge and experience of security maturity practices and assessments including gap analysis and road mapping
- Experience in Analysing information security risks associated with new IT and business initiatives, including potential impact and likelihood as well as identifying effective mitigating controls.
- Technical stakeholder management. Experience & ability to engage with Agile Tribes and other projects to ensure effective and appropriate information security engagement.
- Ability to maintain a high level of technical expertise to be applied to the evaluation and selection of mitigating controls.
- Knowledge of Ensuring that integration is in place between the risk management, operational and incident response processes.
- Ability to apply the information security risk assessment process to identify risks within the scope of an ISMS and identify the relevant risk owners.
- Experience of delivering risk assessment reports, threat modelling and risk treatment recommendations, to be delivered in a timely and repeatable manner.
- Experience of contributing and maintaining an effective risk management mechanism to ensure that the firm has as accurate and current a view of information risk exposure as possible.
- Knowledge and experience of using at least one risk methodology.
- Strong technical background, eg knowledge of controls implementation and management.
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC/CEH. You will have expert technical knowledge in information security and have a proven track record in a similar role. Strong knowledge MS Office 365 reference architectures and services. Experience within financial services is desirable but not essential.