Description
My global research client is looking for a Senior IT Security Risk and Compliance Consultant to join their team based in Prague on a 12-month contract. Candidates must be local or willing to relocate. This is an exciting opportunity to work in a global environment.
As the Senior IT Security Risk and Compliance Consultant, your key tasks and skills will consist of:
- Support the Head of IT Security, Risk, and Compliance Corporate Functions with the implementation of the Group Information Security Strategy
- Communicate and promote the company's IT Security Policy framework
- Perform Business Case reviews ensuring initiatives are thoroughly security assessed following a standardised company framework
- Support RFP activities to ensure the selected vendor is fully able to meet all of our security requirements
- Perform contract reviews making sure that vendor security risk is mitigated and kept to an acceptable level
- Ensure that security is embedded in the project life cycle and that project teams deploy products/systems/applications in line with the IT Security Architecture Framework
- Oversee security testing of important assets and ensure that reported findings are followed up and addressed in a timely manner
- Assess current levels of risk within the IT environment on an ongoing basis, ensuring all identified security risks are managed through their life cycle from identification to closure, and provide appropriate visibility to management
- Provide concise, relevant, and informative reports to the Group Head of Information Security, Risk & Compliance and to the Head of IT Security, Risk and Compliance CF on the level of security and risks within the Global IT CF scope
- Monitor and manage all security incidents & breaches and take remedial actions to prevent recurrence wherever possible
Requirements:
- Minimum 5 years of experience within Security in a global environment
- ITIL v3, CISSP, CISA, CISM certification preferred
- Experience with SNow GRC Module
- IT Security and Risk Management framework such as ISO 27001, COBIT, NIST 800 series
- IT Infrastructure experience including strong knowledge of web applications, databases, issues and practices related to operating systems, networks, and virtualization
- Ability to examine security from an overall view including threat modelling, specifications, implementation, testing, and vulnerability assessment
- Strong understanding of common Information Security concepts including OWASP, IAM, SIEM, DLP, etc.
- Ability and willingness to travel 20-50% of the time
- Fluent in English with excellent communication skills.
This is a contract role paying between €250 and €280 per day.
If you are interested in this exciting global 12-month contract, please apply here and send your CV ASAP for consideration. Only applicants who are local or open to relocation need apply.