Information Security Consultant

Job Description

Information Security Consultant

Location: Leeds (onsite)

Type: Perm

Overall Requirement

We are looking to recruit an Information Security Consultant to join our existing Information Security team.

Working with the Information Security team to provide advice and guidance on IT security and further develop IT policies and processes across a multiregion infrastructure consisting of 8300 staff and 100 sites.

As a member of the IT Security team you will review all aspects of the IT environment and its components. This role shall be responsible for supporting and maintaining enterprisewide solutions. The successful candidate will be required to proactively improve and provide advice and guidance on information security matters.

We believe this is an excellent opportunity for candidates who have a strong understanding of IT infrastructure and/or information security within a fastpaced environment.

SOX control responsibilities may be part of this role which are to be adhered to where applicable.

Key Duties and Responsibilities

• Assist with security incident management and response activities
• General daytoday support on managing and responding to security alerts from systems and end users
• Perform daily weekly and monthly security checks reconciliation and compliance checks and investigate exceptions
• Completing client security requirement questionnaires and support the bidding process
• Identify and raise awareness of security risks
• Develop and enhance security policies processes procedures and technical controls to strengthen security capabilities and resilience to cyber threats
• Take a proactive role in identifying security risks mitigations and opportunities to strengthen resilience to cyberattacks and security incidents
• Participate in the design and implementation of systems and applications
• Develop user and technical training guides
• Maintain and manage the IT Risk register
• Test DR plans and capabilities to ensure they work as designed identifying gaps and lessons learnt and work with the business to drive continual development and enhancement

Technical Requirements

• Two years handson experience of security and/or infrastructure within an enterprise environment
• Exposure to enterprise information security standards including Cyber Essentials ISOetc. Data Protection Act and the General Data Protection Regulation
• Microsoft O365 Security solutions; Networking; Security operations; Vulnerability Management; Security Auditing
• Good understanding of security testing principles including experience of vulnerability scanning identifying resolving and reporting risks
• Experience of formal document creation such as the creation of reports or procedures

Detailed knowledge of:

• Microsoft O365 environment
• Threat Intelligence analysis and best practice
• Security Incident Response processes procedures and best practices
• Disaster Recovery and Business Continuity principles
• Event and log analysis

Core Behavioural Skills

• Confident individual with the good interpersonal skills able to deal with people at all levels and communicate to users in a clear nontechnical language
• Teamplayer
• Analytically minded able to break down and understand information
• Must be comfortable with working in a fastmoving dynamic environment
• Strongly customerfocused used to providing support to demanding users
• Good organisational skills used to managing and prioritising own workload
• Ability to report on progress timescales outstanding and completed activities