Cyber & Information Security Practitioner - Government Projects
Our client are a trusted supplier to many high profile Government Departments, Agencies and Private Sector organisations and are currently looking for experienced Information Security consultants to work with a central government organisation in the North of England.
As a Cyber and Information Security Practitioner you will work with this client to ensure delivery of Information Security and Related Requirements. You will be familiar with ISO 27001, PCI DSS and HMG/CESG/NCSC Accreditation and security standards and practices. You will be able to work closely with clients to support, develop and maintain IT infrastructure, security architecture and design as well as be able to develop IT Security strategy and ensure IT Security best practice.
The role and your deliverables will include:
- Develop and maintain security policy documentation
- Conduct security risk and threat assessments for client deliveries
- Produce and maintain security risk documentation with clients
- Self-starter who can deliver against agreed schedule of works
- Production and maintenance of ISMS, RMADS, lightweight security documentation sets or other security related deliveries as required, including supporting clients through IT Security Testing processes and interpretation of results.
- Support, facilitate and manage accreditation activities
- Promote information security awareness with clients and delivery partners
You will naturally have an appropriate level of work experience in the field of information security and will possess a number of the following accreditations:
- ISO27001 Lead Auditor or Lead Implementer
- CESG Certified IA Professional (CCP) in one or more roles as Practitioner or Senior
- A.InstISP / M.InstISP
- Have a good knowledge and understanding of information security and standards such as ISO27001, IS1/2, CESG/NCSC GPGs and Guidance etc.
- Have a good understanding of risk management and assessment principles
- Have a good understanding of modern day IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, and Infrastructure technologies and demonstrate a pragmatic technical understanding of security architecture
We have multiple roles available and are looking for consultants to start in December or January at the latest.