Information Security Consultant

A leading consultancy business serving clients across the globe in the real estate, infrastructure and natural resources sectors is currently hiring an experienced Information Security Consultant to join their team. Working to help major global clients, they deliver ambitious and highly technical projects across 110 offices globally.

The Role

Joining the IT Security team, you will be providing advice and guidance on IT security and further develop IT policies and processes across a global infrastructure. You’ll be reviewing every aspect of the IT environment and its components while designing and implementing enterprise-wide solutions.

Key Duties and Responsibilities

•Develop and enhance security policies, processes, procedures and technical controls to strengthen security capabilities and resilience to cyber threats.
• Take a proactive role in identifying security risks, mitigations and opportunities to strengthen the company’s resilience to cyber-attacks and security incidents.
• Participate in the design and implementation of systems and applications.
• Assist with security incident management and response activities.
• Implement and manage the Microsoft MFA environment to protect critical systems and information and to secure and protect end user devices by introducing controls in line with IT policies.
• Maintain and manage the IT Risk register ensuring that risks are regularly reviewed, correctly identified and mitigated.
• Perform regular, proactive reviews of system audit logs to identify inappropriate usage, system configuration issues and faults.
• Test DR plans and capabilities to ensure they work as designed, identifying gaps and lessons learnt to drive continual development and enhancement
Experience and Qualifications.
• Excellent hands on experience of security and/or infrastructure within an enterprise environment.
• Comprehensive experience and in-depth knowledge of enterprise information security and standards including Cyber Essentials, ISO 27001, 27002 etc. Data Protection Act and the General Data Protection Regulation.
• Microsoft O365 Security solutions; Microsoft core OS; Networking; Security operations; Penetration testing; Security Auditing; Forensics; Security architecture.
• Good understanding of security testing principles, including experience of penetration testing, identifying, resolving and reporting risks.
• Detailed knowledge of Microsoft O365 environment.
• Security Incident Response processes, procedures and best practices.

Reference code: JR155