- Permanent, Full time
- Schroders Investment Management
- London, England, United Kingdom
- Full time
Information Security Consultant
Information Security ConsultantSchroders is seeking an experienced Information Security Consultant. The key functions of the role are to protect the assets of the organisation by ensuring all people, processes and technology operate in a secure manner.
• The information security Consultant is responsible for ensuring organisational assets are secured appropriately based on their importance to the organisation.
• To provide advice and guidance on how to minimise the impact to the business of potential threats to the network or assets
• To liaise with potential or current partners and suppliers to the business and evaluate the information security levels of the company or products.
• As required assist and provide guidance to business stakeholders, project managers and solution architects through the lifecycle of a project related to project and business change.
• As required investigate the vulnerability of the business to potential malicious attacks and recommend defensive actions.
POLICY, STANDARDS, PROCEDURES AND GUIDELINES:
• To ensure that information security policies are implemented, enforced, monitored and complied with and to ensure the business embraces a culture of Information Security.
• To develop and ensure data security procedures are approved that provide the more detailed steps that service areas need to adhere to in order to implement that data security policies.
• Work with Enterprise and Infrastructure Solution Architects to advice on all Information Security Risks with regards to infrastructure, changes to processes or project implementations. To critique the high and low level designs within projects. Working on all such projects throughout their lifecycle to ensure the business meets compliance and regulatory requirements.
• To assist in taking timely action resulting from any risk assessment recommendations. This may involve liaison with other departments, partners or suppliers. It is essential to keep the CISO informed if there are any issues of non-compliance.
KEEP ABREAST OF DATA SECURITY TRENDS:
• Be aware of current and possible future trends in information security and take into account current business procedures, to define and develop procedures and policies for appropriate and secure use of the businesses IT systems.
• Adherence to standards, including ISO27001 and Information Technology, PCI-DSS and Infrastructure Library (ITIL)
• Hands on experience with Security technologies and the ability to speak to and consult back to senior business figures.
• You will ideally come from a Financial Services or Consultancy background.
• Strong and in depth knowledge of SABSA, NIST, COBIT , ISO27001 (training or certification in this area would be particularly advantageous).
• Strong communicator - written and verbal with the ability to produce quality reporting and documentation.
• Experience designing and reviewing IT and Security Architecture.
• Knowledge of IT Networking and Infrastructure.