Smartdesc - charity IT specialists

Information Security Consultant

full-time

Location Type: Hybrid

Location: London, United Kingdom

Salary

💰 £70,000 - £80,000 per year

About the role

  • Identifying steps that organisations need to take to improve their security position and creating roadmaps for continuous improvement, often maximising the use of existing Microsoft licensing and supporting them through the process.
  • Alignment of good practice frameworks and standards such as Cyber Essentials, NCSC CAF and ISO 27001.
  • Ownership or oversight of key Information Security processes and procedures.
  • Implementation and ownership of Information Security Risk Management programmes.
  • Identifying and managing remediation actions to reduce risks.
  • Ownership or oversight of Information Security Policies.
  • Development and Implementation of general and role/function specific Information Security Training and Awareness programmes.
  • Raising, investigating and managing or supporting IT Security incidents, ensuring any necessary follow-up actions are taken.
  • Providing IT security support to business functions including digital teams, IT infrastructure and IT Service Desk.
  • Development and ownership of the Information Security Internal Audit programmes.
  • Oversight of rolling programmes of security tests, reviews and audits.
  • Writing Information Security reports and delivering the findings to key stakeholders.

Requirements

  • Previous consulting experience is required, preferably to SMEs, non-profits or educational settings.
  • Knowledge and experience with technology, security and DP-related compliance, legal & regulatory frameworks and standards, including Cyber Essentials, ISO 27001, PCI DSS, OWASP, GDPR etc.
  • Knowledge and experience of the Microsoft stack. Purview experience is beneficial.
  • Ability to demonstrate expert knowledge and understanding of information security good practice.
  • Experience in working with technical and non-technical business personnel at various levels, articulating security risks in a manner appropriate to the stakeholders.
  • Strong attention to detail.
  • Knowledge of Information Security principles and concepts and knowledge of technical security controls.
  • A positive can-do attitude and a self-starter who can work under their own initiative.
  • Information Security certifications such as CISSP or CISM are beneficial, as are Microsoft certifications, especially from the SC series such as the SC-400/401.

Benefits

  • Gym membership contribution
  • Health Cash Plan
  • Increased annual leave with length of service
  • Free annual leave on your birthday
  • Length of service bonus
  • Flexible working hours
  • Hybrid working
  • Free Will Writing service
  • Life Insurance
  • And much more!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

  • Information Security Risk Management
  • Information Security Policies
  • Information Security Training
  • Information Security Audits
  • Security Testing
  • Compliance Frameworks
  • Technical Security Controls
  • Microsoft Stack
  • Cyber Essentials
  • ISO 27001

Soft skills

  • Attention to Detail
  • Communication
  • Stakeholder Management
  • Problem Solving
  • Self-Starter
  • Initiative
  • Consulting
  • Articulation of Security Risks
  • Collaboration
  • Adaptability

Certifications

  • CISSP
  • CISM
  • Microsoft SC-400
  • Microsoft SC-401