Senior Information Security Consultant

Remote England
Subcontractor
We are seeking an Information Security (IS) Consultant to join our EMEA team. You will be an influential part of our growth and success, collaborating daily with our clients. You will help them to understand their policies, processes, and technologies from a security perspective and assist them to analyze, assess, and design effective security controls that will enable their business and its culture. You will help them to achieve and maintain compliance and to improve their enterprise-wide security. As a subject matter expert, you will advise them on data security to help them prevent potential security breaches before they occur. You will provide services both on site and remotely, often working with multiple clients concurrently.

What you will do:

    • Conduct information security and compliance assessments and/or analysis.
    • Consult with clients and provide guidance to them.
    • Generate professional reports and statements to our clients that detail your findings and clearly articulate required advice and guidance. 
    • Serve as a Trusted Advisor, providing input on security architecture in line with industry best practices, compliance frameworks, and/or cybersecurity standards. 
    • Be a thought leader to our clients and your industry colleagues.
    • Assist our sales team with pre-sales activities, proposal creation, and solution design. 

What we would like:

    • Minimum 5 years of experience working in Information Security domains AND/OR measuring security controls, IT auditing, business processes, providing advice, and/or related security consulting experience. 
    • Experience with various information security concepts such as:
        • Network, systems, and application security.
        • Industry best practices on systems hardening.
        • Data encryption, data privacy.
        • Incident response, business continuity, physical security, risk assessments, vulnerability scanning, penetration testing report reviews, etc.
    • Experience with industry best practices and standards such as PCI DSS, CIS, ISO 27001, and NIST.
    • Ability to lead client engagements individually or with a team, including scoping engagements, planning assessments, reviewing governance, performing onsite assessment activities, reporting status, writing reports, and managing client resources with the support of our project management team. 
    • (Required) One Information Security certification (i.e., CISSP, CISM, or ISO 27001 Lead Implementer), AND one Audit certification (i.e., CISA, GSNA, ISO 27001, Lead Auditor, Internal Auditor, IRCA ISMS Auditor, or CIA). 
    • (Desirable) Any PCI SSC accreditation.