Information Security Professional - Global Consultancy

Information Security Professional – Global Consultancy

A leading capital programmes professional service provider with a clear vision and over 8000 employees in 100+ offices across 40+ countries is seeking an Information Security professional to join their team.

The role involves working with the Information Security team to provide advice and guidance on IT security, develop IT policies and processes, and review all aspects of the IT environment. The successful candidate will proactively improve and provide advice on information security matters and support enterprise-wide solutions.

This is an excellent opportunity for candidates with a strong understanding of IT infrastructure and/or information security in a fast-paced environment. SOX control responsibilities may be part of this role.

Key Duties and Responsibilities

• Assist with security incident management and response activities.
• Provide day-to-day support on managing and responding to security alerts from systems and end users.
• Perform daily, weekly, and monthly security checks, reconciliation, and compliance checks, and investigate exceptions.
• Complete client security requirement questionnaires and support the bidding process.
• Identify and raise awareness of security risks.
• Develop and enhance security policies, processes, procedures, and technical controls to security capabilities and resilience to cyber threats.
• Take a proactive role in identifying security risks, mitigations, and opportunities to strengthen resilience to cyber-attacks and security incidents.
• Participate in the design and implementation of systems and applications.
• Develop user and technical training guides.
• Maintain and manage the IT Risk register.
• Test DR plans and capabilities to ensure they work as designed, identifying gaps and lessons learnt, and work with the business to drive continual development and enhancement.

Experience & Skills Requirements

• Two years of hands-on experience in security and/or infrastructure within an enterprise environment.
• Exposure to enterprise information security standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and the General Data Protection Regulation.
• Microsoft O365 Security solutions, Networking, Security operations, Vulnerability Management, and Security Auditing.
• Good understanding of security testing principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks.
• Experience of formal document creation, such as the creation of reports or procedures.

Detailed knowledge of:

• Threat Intelligence analysis and best practice.
• Security Incident Response processes, procedures, and best practices.
• Disaster Recovery and Business Continuity principles.

We offer a range of benefits, including 25 days of holiday, bank holidays, life, health, child vouchers, gym membership, and pension. Our company also provides a positive work environment with monthly socials, a Christmas party, and a summer BBQ.

The role is based in West Yorkshire.