Information Security Consultant
Do you have extensive experience with Information Security Governance?
Have you had exposure to Strategy & Compliance within Security?
About Our Client
Our client is a leading professional services firm.
The Information Security Consultant will be responsible for directing strategy and the budget for the protection of the organization's information and system assets and for promoting a culture of security, awareness, and compliance throughout the organization.
Responsibilities & Duties include but are not limited to:
- Identify, evaluate, and report to management on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the organization.
- Advise on the design of security systems and overall security architecture.
- Develop and update security policies, including cyber incident response, identity and access policies; engage with key stakeholders in connection with feedback and implementation following approval by management.
- Maintain a current understanding of the IT threat landscape and applicable best practice standards.
- Ensure compliance with the changing laws and applicable regulations.
- Develop a risk assessment framework.
- Ensure effective communication and compliance/enforcement of cyber security policies and procedures.
- Provide training and mentoring advice.
- Brief management on status and risks; assume the role of champion for the overall information security program and strategy.
- Work with the Information Security Manager and associated team to ensure effective implementation of technical controls.
The Successful Applicant
Education Requirements/Work Experience
A bachelor's degree in Computer Science, IT Security or a related field, and ten to twelve years' experience in IT and security, with a minimum of five years in IT security management.
Regulatory compliance knowledge, including HIPAA, SOX, PCI, NIST and GLBA.
Understanding of Federal, Provincial and Local laws concerning data acquisition, protection and transmission.
Information Technology Infrastructure Library (ITIL), COBIT, ISO and other applicable IT management methods and toolsets.
Familiarity with mobile operating systems, applications and security protocols, hacking and forensics tools.
Certifications required include CISSP and CISA.
What's on Offer
A Competitive Package