The Information Security Consultant plays a key role in managing information security risks across the organisation and ensuring security requirements are effectively implemented across internal and third-party services.
Key Responsibilities
Act as the primary contact for information security matters related to service delivery, working closely with business units, customers, partners, and governance teams.
Design, implement, and oversee administrative, technical, and operational security controls across infrastructure, applications, cloud environments, and third-party services.
Coordinate and monitor security risks with risk owners, facilitating regular reviews and mitigation activities.
Monitor and evaluate the effectiveness of IT security controls through regular control assessments, audits, testing activities, and compliance reviews.
Ensure security controls comply with internal policies, regulatory obligations, and industry standards such as ISO *****, COBIT, and related frameworks.
Develop, maintain, and enhance security policies, standards, procedures, and control frameworks to strengthen the organisation's security posture.
Assess the effectiveness of security controls to ensure compliance with regulatory, organisational, and industry standards.
Coordinate security risk identification, control gap analysis, remediation planning, and mitigation activities with control owners.
Oversee third-party and supplier security controls, including contractual security requirements, risk assessments, and ongoing compliance monitoring.
Define and track security KPIs, KRIs, and control metrics to measure control effectiveness, compliance levels, and risk exposure.
Define and track security objectives, metrics, and compliance requirements across services and projects.
Requirements
Degree in Computer Science, Information Technology, or related field, or equivalent professional experience.
5+ years of experience in IT and information security roles.
Strong knowledge of security technologies, governance frameworks, and standards such as ISO ****x, COBIT, ISO *****, and ISO *****.
Experience developing security policies, managing supplier security, and overseeing outsourced service environments.
Hands-on experience with Power BI, Power Automate, and AI-related technologies.
Strong project management and stakeholder management skills within complex enterprise environments.
Excellent communication and documentation skills in English.