From architecture to implementation, we are immersed in I.T. It is one of our core specialisms, and we have placed a broad range of talent. From developers bringing a Java project over the line, to C-suite execs overseeing the cybersecurity of entire portfolios, we have matched candidates with some of the country’s biggest corporations – as well as its coolest consultancies. Under the umbrella of I.T. and business change, we have also been part of some spectacular business change and transformation initiatives - in industries like retail, utilities, defence, telecoms, finance and banking.
We are currently looking for an experienced information security professional to join the Information Security Practice of a growing London-based Consultancy. They are looking for a passionate individual who is interested in developing their career, knowledge and technical skills whilst supporting the business through this exciting period of growth. They work with multiple industry sectors, and are currently looking for an individual with practical implementation and auditing experience under the ISO27001 framework. The information security practice is experiencing a significant period of growth and successful individuals will be providing consultancy services either based at the London office or on client sites. We are keen to meet candidates who want to make a step-change into a consulting environment with a solid grounding in an ISO27001 role, or those that have had previous consulting experience.
Key accountabilities for this role include:
Practical experience of undertaking Information Security Management System (ISMS) compliance projects in accordance with ISO27001 framework;
Practical experience in undertaking both internal and external ISO 27001 related audits;
Identifying risks to business information and systems;
Undertaking risk assessments, risk treatment planning and advising on remediation actions;
Lead and conduct security assessments and improvements with full engagement with stakeholders;
Review ISMS company policies and security standards and promote improvements and best practice;
Working with clients and project teams to complete ISMS compliance;
Carry out process reviews and refinement; and
Carry out information risk assessment and treatment.
To be successful in the role the post-holder should be able to demonstrate experience in the following areas:
Technical knowledge of information security compliance (ISO27001), information management and IT security arrangements;
Strong understanding of ISO27001 Framework and preferably interest in Data Protection/GDPR;
Have practical experience in undertaking ISO 27001 internal and external (field) audits;
Experience of business transformation and change;
Confidence in communicating with key stakeholders including C-suite level and building relationships;
Ability to provide expertise and support in operational risk, governance, business continuity, data protection, data leakage and privacy;
Ability to explain complex ideas in a concise manner;
Ability to audit against ISO 27001 security requirements;
Ability to work independently with little to no supervision; and
Have in-depth understanding of Information security risk assessment and treatment requirements.
Skills and Qualities
Excellent client consulting skills and ability to engage with stakeholders at all levels;
Passion to develop own skills and knowledge in information security and data protection compliance;
Proactive, ‘hands on’ starter finisher, high achiever, high responsibility, results driven individual;
Highly organised and able to manage and prioritise workload;
Strong problem solver with high attention to detail;
Excellent interpersonal skills with the ability to work effectively with managers across different disciplines; Client facing and personable;
Have ISO 27001 Lead Auditor/Implementer qualification;
Able to conceptualise opportunities and develop these through business development activities;
Able to undertake occasional business travel; and
Practical internal and external auditing experience.