Managing Information Security Consultant; GRC

Job

Location:

Birmingham : 1 Trinity Park :
Bi, LRQA - London - 4 Moorgate
Position Category:
Consulting
Position Type:
Employee Fixed Term

At LRQA Cybersecurity, our focus is on excellence in cyber security. We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides!

We're an award winning provider of cyber security services and we're at a very exciting stage of development. We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced. LRQA will be at the forefront of this arena and we want to seek the right people to join the team and make it happen.

The purpose of this role is to deliver information security consultancy to LRQA clients, specialising in governance, risk and compliance (GRC). As a Managing Consultant, you will also assume leadership or management responsibilities - for example: people management or service development and ownership. This role is hybrid, with occasional travel to client sites and LRQA offices as required.

A core competency for this role is the ability to effectively deliver engagements to clients to a consistently high standard. As a Managing Information Security Consultant, you would be expected to drive engagements whilst supporting other members of the team with the ultimate aim of achieving excellent client satisfaction results.

• Provision of client support to achieve compliance/certification against recognised standards such as ISO 27001, the GDPR, NIST CSF and PCI DSS.
• Independently conducted ISO/IEC 27001:2022 audit activities.
• Provision of expert advice to clients on governance structures - including policies, procedures and controls to achieve compliance and reduce risk exposure.
• Cybersecurity Maturity Assessment engagements.
• Facilitation of information asset discovery workshops and engagements.
• Facilitation of risk assessment workshops and engagements.
• Delivery of business continuity scenario tabletop exercises.
• Delivery of external stakeholder training and awareness presentations.

• Mentor, coach, and guide team members to enhance their technical and consulting capabilities.
• Develop and deliver training programs on GRC, risk management, and information assurance best practices.
• Establish thought leadership by contributing to white papers, webinars, and conferences in the GRC space.
• Collaborate with cross-functional teams to drive continuous improvement in service delivery and client satisfaction.

Liaising with the Pre-Sales team and account managers, attend client meetings and scoping calls to aid in the effective scoping of engagements and delivery of customised consultancy services, leveraging other LRQA Cybersecurity products and services where appropriate. This will involve:

• Identification of client requirements
• Effort estimation
• Consultative sales where a need is identified (Light)

Effective service development is key to the success of GRC and you would contribute to this by providing guidance and using your subject matter expertise and experience to identify, design and deliver collateral. Key activities include:

• Standardization of all customer-facing collateral used throughout every region that we operate in.
• Implementation and development activities around new and emerging frameworks.
• Improvement / enhancement suggestions for existing collateral.
• Development of new collateral where required.
• Collaboration with the developers of LRQA's portal to aid with integration of Information Security and GDPR requirements.

• Degree level qualification in Computer Science, Computer Engineering, IT, Cyber Security, or a related field…