Are you a GRC Consultant at the top of your game? Are you excited by new challenges? Are you a strategic thinker with the desire to deliver for clients?
As a Senior GRC Consultant, the successful candidate will be a key part of the GRC Team. Your responsibilities will be to ensure the consultancy requirements are delivered through projects and change initiatives being implemented for clients and partners. You will be an extremely effective and valuable part of the GRC team, with responsibility across multiple service delivery functions. You will drive delivery, standardisation and assurance across all project functions in the field of information security consultancy.
The culture that you will be working in will be one of dynamism and strong teamwork, the team is looking for individuals that can listen, absorb, analyse, assess and report information security issues to clients with passion and aplomb. We are passionate about the work that we do for our clients in order to ensure that their cyber-resilience is second to none. This is why our consultants are highly regarded because we help make our clients better their cyber resilience.
Roles and Responsibilities:
- Effective communication with internal and external stakeholders across client portfolio to ensure Information Security capabilities are articulated and understood in a technical support role.
- Assist the sales team in pre-sales capacity in understanding technical requirements, facilitating consultancy engagements that meet both business needs
- Effective introduction of the beneficial security risk outcomes for clients in line with their business and risk appetite, using the range of consulting capabilities.
- Ability to communicate information security threats and their impact to clients at all levels in technical and layman terms.
- In support of the Senior Information Security Manager, assist with the analysis of requirements and design of clients' information security posture, as well as Legal, Regulatory and Scheme security requirements.
- Support the team in delivery of work streams for clients in compliance standards such as PCI DSS, ISO27001, EU GDPR and incident management disciplines.
- Assist with the execution of 3rd party security reviews to ensure controls are appropriate and in line with the required standards, as well as Legal, Regulatory and Scheme security requirements.
- Provide support and assistance to the wider business with the maintenance of Information Security and Compliance internal projects (e.g. CREST, ISO27001).
- Research and evangelise new ideas and concepts for the business that will enhance and fortify the service offerings for the team.Attributes:
- CANDIDATE REQUIREMENTS
- Proven ability to make sound pragmatic decisions and judgements under tight timelines.
- 3- 5 years' experience in IT Governance, Risk & Compliance
- Ideally will have a CISSP, CISA or CISM qualification
- Excellent analytical and communication skills, self-driven and able to work independently as well as part of a team
- Strong stakeholder engagement skills with the ability to connect and communicate at all levels across the organisation.
- Ability and capacity to absorb large volumes of information and articulate a solution in a verbal and written format.
- Experience of risk management principles and associated methodologies.
- Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way both internally and externally
- Proven ability to make sound pragmatic decisions and judgments under tight timelines.
- Previous experience in being part of a team within an Information Security function.
- You will be based from home but expected to travel with the London and Home Counties frequently. There will be international travel to our offices in Europe and the US.