Security and Cyber Risk Consultant - new job in Worcestershire, UK

Security and Cyber Risk Consultant
  • £45,000 - £60,000 per Annum
  • Permanent
  • Worcestershire, England, UK, B47 6WG
Job Ref: BBBH22722
Sector: Cybersecurity
Date Added: 23 June 2022

Security & Cyber Risk Consultant - Competitive salary plus comprehensive benefits

Lorien's leading financial services client is looking for a Security and Cyber Risk Consultant to join the Information Security & Cyber Risk team in Group Risk, based in their Wythall office. The role provides Line 2 oversight and challenge to the business and supports the Information Security & Cyber Risk Manager in delivering against the Group Risk Management Framework and Strategy. The role is on a hybrid working model of 2 days per week in the office. You will join them on a permanent basis and be part of the next key phase of their growth strategy.

The Role:

  • Support the Information Security & Cyber Risk Management Team in the execution of their duties and appropriately represent them within the business, providing effective guidance, challenge, assurance and oversight.
  • Report on and deliver Information Security & Cyber risk assurance/review activity, consulting with management to formulate and agree effective solutions to any identified shortfalls.
  • Provide input to the continuous development and improvement of the risk review methodology and approach.
  • Provide input to the continuous development and improvement of the supply chain management model.
  • Produce quality management information and reporting.
  • Provide risk-based, accurate, practical and sound guidance, opinion and support to operational and strategic change initiatives, BAU activity, projects, and breach and incident remediation plans.
  • Effectively analyse breaches, incidents, internal and external audit, compliance monitoring and other review findings to determine Information Security and Cyber risk implications, including consideration of regulatory notification to the FCA, ICO or other relevant regulators. Report notifiable events to the relevant Approved Person and liaise with the Phoenix OSP on remediation, root cause and prevention activities as appropriate.
  • Review relevant customer processes and systems where there are changes, and provide guidance, recommendations and challenge to business owners on areas for development/improvement.
  • Challenge the business to ensure that the established information security control framework is (and remains) aligned with industry best practice, using the ISO/IEC 27000 series standards (or equivalents) as a benchmark.
  • Challenge the business to ensure that the Information Security Control Framework meets the requirements of current and emerging legislation and regulation, including the guidelines and expectations of our regulators.
  • Continuously develop existing expert technical knowledge and apply it, in conjunction with significant business awareness, to give accurate and timely advice in a constantly evolving environment.
  • Conduct Line 2 Information Security and Cyber Risk oversight and assurance activities that add value to the business, ensuring delivery via a multi-site team in a consistent manner and to a high level of quality.
  • As a member of the Information Security & Cyber Risk team in Group Risk, work proactively across the various teams in the function to ensure that we deliver fully against the Group Risk Framework.

About You:

  • Relevant Information Security and Cyber technical experience, including knowledge and awareness of the regulatory environment and relevant legislation, product administration processes and outsourced service arrangements.
  • Proven knowledge and experience of IT Security tools, capabilities and controls.
  • Knowledge of Security Testing tools and techniques e.g. Penetration Testing, Infrastructure Scanning, Static Code Review and Web App Scanning tools.
  • Proven knowledge and experience in Industry Standards and best practice including the ISO/IEC 27000 series, NIST Cybersecurity Framework etc.
  • One or more Information/Cyber Security certifications/qualifications, e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), CompTIA Security+ etc.
  • One or more Risk Management certifications/qualifications, e.g. Certified in Risk and Information Systems Control (CRISC), an Institute of Risk Management qualification etc.
  • ISO 27001 Lead Auditor

In Return:

Our client is offering a fantastic basic salary alongside a highly competitive benefits package. The company prides itself on private medical care, 38 days' holiday, generous bonus potential, an impressive 32% employer pension contribution and a company-wide bonus.

If you're looking to develop your career as a Security and Cyber Risk Consultant, add value to the team and work with the latest cutting-edge technology we want to hear from you. Please send a copy of your latest CV ASAP or call for a confidential discussion!

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnership, pregnancy or maternity, or age.

Contact Consultant:
Paige Gilbride