IT Security Consultant
Develop and enforce security policies and standards across information assets to mitigate risks and ensure ongoing governance and assurance activities of the IT security framework.
- Consult with management in developing, documenting and managing information security policies, standards and guidelines for the information assets to ensure effective security controls are in place and maintained to protect assets.
- Undertake activities to ensure compliance of IT infrastructure against approved security policies, standards and guidelines.
- Conduct security threat and risk assessments for defined business applications, infrastructure designs or IT projects.
- Certify systems prior to implementation against security policies and standards.
- Assist in the development of security awareness training programs and ongoing compliance. Interpret reports from other security teams to identify where new controls and policies should be implemented to improve security across the infrastructure.
- Assist in the ongoing assurance of the information security processes and practices.
- Maintain registers of policy exemptions and non-compliance; makes recommendations where policy exemptions should be granted.
- Configure and review security reporting to other IT security and IT groups as well as business areas to meet security and business requirements.
- Provide analysis of reporting and create metrics required to illustrate security risk and compliance to Senior Management, the Executive Committee and Risk Management Committee.
Skills & Experience:
- Knowledge of Information Security principles and practices across infrastructure and applications.
- Strong analytical skills and attention to detail.
- Experience in developing security policies, guidelines and procedures.
- Experience and ability to communicate with all levels of the business.
- Proven experience in completing tasks and projects with minimal supervision.
- Finance or Banking experience ideal