Cyber Security Consultant
- Posted 10 March 2023
- Salary Up to £458 per annum
- Job type Contract
- DisciplineSoftware Engineering
- Contact NameRochelle Bruce
Length: 6 Months
Location: 100% Remote
Client: Financial Services
My Banking client is looking for 4 x Cyber Security Consultants for an initial 6 month project that will extend.
The role us sitting in the the Cyber Projects Team and you're joining a fast paced, energetic environment to solve difficult business challenges whilst maintaining the security posture.
As a Security Consultant, you will provide a specialist Cyber security service by performing third party security reviews on new to bank suppliers, which will range from well established IT firms to fledging Fin-techs.
You will provide advice to projects, change initiatives and Senior Management across the Group that are building customer and internal solutions.
You will also provide advice and guidance to skillfully balance the customer and user experience with Cyber security risks to ensure that solutions remain within the Group's risk appetite.
- Conduct robust assessments of proposed third party services or software to ensure that security risks are identified and appropriately
- Report your findings and and define recommendations to remediate any control gaps identified through the course of the review.
- Develop Information Security focussed questions for the initial RFI / RFP process
- Provide an information security opinion on each proposal, ensuring the key risks are identified and articulated to the project.
- Provide advice and Guidance to Legal/Procurement on the content of the security provisions
- Manage a number of varied stakeholders involved in on-boarding new suppliers
- Develop and build relationships internally and externally with key business and technical stakeholders, central functions and key third parties and supplier contacts supporting onboarding.
- Ensure that security requirements and controls are implemented by working closely with Design, Build and Test resources, as well as Business Stakeholders and suppliers.
- Ensure that relevant security risks are identified and articulated to a high standard for review in line with risk appetite.
- Design security tests to a granular level and work closely with the business to manage any remedial activity
- Taking difficult business issues and creating win-win outcomes for Security and the Business.
Essential Skill Set:
- Extensive knowledge and understanding of the security related technical controls which prevent / mitigate Cyber Security risks.
- Working knowledge and demonstrable experience of information security related policy, standards and methodologies and associated information security legislation and scheme standards, particularly the ISO27001 Framework.
- Understanding of the attack vectors, methods and actors in relation to Cyber security
- Superb stakeholder management & influencing skills
Desirable Skill Set:
- Formal Cyber security accreditations
- Knowledge of current information security standards and regulations such as PCI-DSS, ISO27000 series, GDPR, PSD2