Security & Information Risk Advisor - Cyber Security - Inside IR35
Based in Exeter(working from home until further notice) an Security & Information Risk Advisor is required on a contract basis to carry out cyber security risk assessments for new and existing systems and services.
Responsibilities of the role:
- To facilitate and support cyber security information risk management. Bringing together an understanding of:
- The needs of people and the organisation
- The threats they face
- The vulnerability of technology and information
- To provide pragmatic expert information security advice and guidance to change activities to enable them to achieve and maintain the appropriate level of information assurance to meet legal, regulatory and customer requirements.
- Provide assurance to Information Asset Owners and other stakeholders that their information assets are being adequately protected.
- Advise on appropriate security controls, including; security solutions architecture; policies and procedure
- To keep up to date with all aspects of Information Assurance and carry out reviews of where these could be used.
Skills and experience required:
- Proven experience working as an Information Assurance professional.
- Capable of making and guiding effective decisions on risk, explaining clearly how the recommendations have been reached. Able to make recommendations proportionate to the level of risk and technical complexity.
- Detailed working background in IT with demonstrable experience resulting in a high-level of understanding of the application of Information Assurance principles within a diverse business environment.
- Strong communication and interpersonal skills with the confidence to inspire, inform, engage and influence at all levels of the organisation and the wider Government Information Assurance community.
- Able to work with business and technology stakeholders to understand the information assurance implications of business change and to provide pragmatic advice.
- Evidence of implementing changes in working practices
- A relevant degree or Information Assurance professional qualification e.g. CISSP, Certified Professional (CCP)
- Demonstrable working knowledge of the requirements of an Information Security Management System as specified in the ISO27001 standard and the recognised security controls as documented in the ISO27002 standard.
- Demonstrate a commitment to continuing professional development
- Current Security clearance.
Please note this role is inside IR35 and candidates will not be able to work through a Limited Company.
If you would like to be considered for this role please don't hesitate to click apply or call Siobhan O'Halloran on 0161 519 0487 for more information.