Information Security Risk Consultant

Job Title: Information Security Risk Consultant
Contract Type: Contract
Location: London, United Kingdom
REF: 1239
Contact Name: Mark Gale
Contact Email:
Job Published: over 1 year ago

Job Description

Information Security Risk Consultant - London


Position Summary:

You'll provide expertise and assistance to ensure that infrastructure and information assets are sufficiently protected. Working with the Information Security team, the individual will perform risk assessment reviews to support the supplier due diligence process. The Information Security Risk Consultant will use initiative to select and advise on the appropriate methods necessary for risk remediation and continual risk monitoring.  


  • Participates with business team(s) to gather a full understanding of project scope and business requirements
  • Assists in the development of processes and procedures pertaining to risk assessments and assessment finding mediation, and assists risk owners with remediation plans.
  • Assesses business requirements against security concerns and articulates issues and potential risks to business stakeholders.
  • Analyses third party processes and requirements to determine conformance to security policies and procedures.
  • Works directly with the third parties and internal departments to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk.
  • Creates, disseminates and updates documentation of identified information security risks and controls.
  • Provides support in the creation of reports which articulate information security trends and vulnerabilities.
  • Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures.
  • Manages and maintains the Information Security Risk Register.


Experience / Skills

The ideal candidate will have diverse experience in the following areas:

  • 5+ years Information Security experience
  • Risk Management Background
  • Supplier Security Assessments
  • Experience with working within a control framework
  • Knowledge of ISO 27000 series of standards, NIST Cybersecurity Framework, CIS Critical Security Controls.
  • Effective interpersonal skills necessary to collaborate and influence all levels of personnel.
  • Proficient verbal and written communication skills



  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
  • CRISC (Certified in Risk and Information Systems Control) or other risk-related certifications.