Lead Information Security Consultant (CSO) - #1677854

Job ID:42048

Location:Birmingham : 1 Trinity Park : Bi, LRQA Nettitude:Birmingham :1

Position Category:Consulting

Position Type:Employee Regular

The Role

The purpose of this role is to deliver information security consultancy to LRQA clients, specialising in governance, risk and compliance (GRC). As a Lead Consultant, you will be capable of working autonomously, supporting colleagues and leading engagements to ensure that delivery of GRC services is delivered effectively, to scope and in line with budget.

This role is hybrid, with sporadic travel to client sites and LRQA offices as required.

Role

What You’ll be Doing in Your Role

Delivery

A core competency for this role is the ability to effectively deliver engagements to clients to a consistently high standard. As a Lead Information Security Consultant, you would be expected to drive engagements whilst supporting other members of the team with the ultimate aim of achieving excellent client satisfaction results.

Examples of the type of delivery activities a Lead Information Security Consultant may participate in include:

• Provision of client support to achieve compliance/certification against recognised standards such as ISO 27001, the GDPR, NIST CSF and PCI DSS.
• Independently conducted ISO/IEC 27001:2022 audit activities.
• Provision of expert advice to clients on governance structures – including policies, procedures and controls to achieve compliance and reduce risk exposure
• Cybersecurity Maturity Assessment engagements.
• Facilitation of information asset discovery workshops and engagements.
• Facilitation of risk assessment workshops and engagements.
• Delivery of business continuity scenario tabletop exercises.
• Delivery of external stakeholder training and awareness presentations.
  
  

Service Development

Effective service development is key to the success of GRC, and you would contribute to this by providing guidance and using your subject matter expertise and experience to identify, design and deliver collateral. Key activities include:

• Standardisation of all customer-facing collateral used throughout every region that we operate in.
• Implementation and development activities around new and emerging frameworks.
• Improvement / enhancement suggestions for existing collateral.
• Development of new collateral where required.
• Collaboration with the developers of LRQA’s portal to aid with integration of Information Security and GDPR requirements.
  
  

Business Experience Credentials

• Degree level qualification in Computer Science, Computer Engineering, IT, Cyber Security (or a related field) or 5 years of experience working within an information security role.
• Minimum 2 years of experience in delivering consultative engagements using well known risk management and data security frameworks, standards, and methodologies.
• ISO 27001 Lead Auditor or Lead Implementer qualification.
• CISSP/CISM (or equivalent) certification preferable.
• Experience in ISO 27001/NIST CSF implementation and use of relevant standards to build control frameworks.
• Demonstrable experience communicating complex information security concepts to top level (C suite) management.
• Experience in cyber resilience planning, security operations, and supporting less experienced security professionals.
• Effective communication skills and the ability to build rapport with key stakeholders.
• Experience in some or all of the following areas of information security:
• GDPR regulation
• PCI DSS
• CMMC
• SOC 2
• DORA
• NIS 2 Directive
• HIPAA / NHS DSPT / Healthcare regulation
• Business Continuity
• Supplier Management
• Incident Management
• Physical Security
  
  

About LRQA

At LRQA Cybersecurity, our focus is on excellence in cyber security. We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides!

We’re an award-winning provider of cyber security services and at a very exciting stage of development. We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced. LRQA will be at the forefront of this arena, and we want to seek the right people to join the team and make it happen.

You can find out more about us at https://www.lrqa.com/en/cyber-security-services/

Diversity and Inclusion at LRQA:

We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other. We are all about creating a safer and more sustainable future and our inclusive culture is right at the heart of our business.

Together our employees make our communities better and we want you to be part of our diverse team!

LRQA is a leading global assurance provider. The integrity and expertise we bring to our partnership with clients support their journey to a safer, more secure and more sustainable future. ( Group entities ).

Copyright LRQA 2021. All rights reserved. Terms of use. Privacy Policy.