Company client has partnered with a leading insurance business that is looking to hire a Cyber Security Consultant.
The business is embarking upon an exciting digital transformation programme, which has raised the need for an additional consultant. The purpose of this role is to drive forward cultural change, help implement secure by design principles and lead our governance pillar.
Working with the technology function and wider business, the Cyber Security Consultant will champion cyber best practice and ensure projects are implementing essential cyber security controls from the outset. While building secure by design practices, the role holder will also ensure there is a streamlined process for introducing new services into the cyber operations functions, including the SOC.
Working with projects to build in secure design principles, balancing business strategy with security risk.
Organising project security testing, managing necessary remedial work and communicating go-live risks.
Development of monthly MI and reporting.
Delivering the security culture transformation work including an annual training and awareness plan.
Developing and managing cyber risk management processes.
Planning audit action remedial work and managing through to closure.
Management of cyber security controls, including regular attestation and reporting any failures.
Maintenance of cyber security policies, and update in line with business and regulatory requirements.
Lead the certification pillar, helping maintain current cyber certifications and develop a plan for maturity.
Embed good cyber governance processes across the business.
Work with the business on BCP and DR plans, while contributing to the maintenance of the cyber incident response plan.
Management of third-party vendors.
Skills and Experience:
Proven experience in a similar consultant or information security manager role within a mid/large sized organisation, preferably in the Financial Services sector.
Cyber security subject matter expert with a technical focus on security by design, culture, governance and risk management.
Demonstrable experience of developing and managing cyber risk management and governance processes.
Extensive experience of consulting on technical projects, building in security requirements and ensuring services go-live with minimal security risk.
Experience of obtaining and maintaining cyber certification such as Cyber Essentials, NIST, ISO27001.
Demonstrable experience of running engaging and innovative cyber awareness training programmes.
Good understanding of new and emerging cyber threats and technologies.
Knowledge of relevant legislation and relations within the UK Insurance and Financial Services market.
Extensive experience of developing easy to understand MI packs.
If you are interested in knowing more, please apply below. You must live and have the right to work in the UK to apply.