Senior Information Governance Security Consultant

Engineering · Full-time · Piedmont, Italy

Job description

Home-based. You must live in the UK. £55,000 to £70,000 depending on experience

Hytec are looking for a Senior Information Governance Security Consultant. As an Information Governance (IG) and Information Security (IS) consultant with strong experience within the area of Governance, Risk & Compliance, you will have the opportunity to provide a variety of professional information governance and information security services to both public sector and private clients. You will deliver a variety of security projects, including helping our clients to implement risk management and security controls, assessing against Cyber Essentials and/or ISO27001 certification, creating assessment reports and improving organisations' security position. This role involves client-facing activities, both remote and onsite, and assisting sales with client enquiries, and calls for a keen eye for detail and a proven ability to deliver good practice.

Key Responsibilities

Delivering IG and IS services to new and existing clients, including gap analysis, risk assessment and treatment, auditing, implementation, and other good practice consultancy for recognised cyber security standards including:

  • Assessing new and existing clients' current position against security standards such as Cyber Essentials, Cyber Essentials Plus, ISO 27001 for certification purposes.

  • Identifying steps that organisations need to take to improve their security position and supporting them through client certification.

  • Carrying out audits to ensure that security controls are effective.

  • Writing Information security reports and delivering the findings to key stakeholders.

  • Delivering continuous assessment of current security practices and systems and identifying areas for improvement.

  • Assisting with the development and growth of the core Information Governance and Cyber Security offerings, refining the service further and documenting new methodologies i.e., Information Security Management System (ISMS).

  • Providing IG mentoring to other colleagues where appropriate, working as part of the wider Hytec MSP and MSSP teams.

  • Maintaining excellent communication with customers and internal teams.

  • Carrying out other security-related duties as required, i.e., facilitating awareness workshops / exercises.

  • Assisting with pre/post sales and marketing activities as required.

  • Ability to work independently and with minimal supervision.

Key Tasks

You will be responsible for the effective and efficient delivery of recognised consultancy service lines including (but not limited to):

  • Gap analysis, risk assessment and treatment, auditing, implementation, and other good practice consultancy for recognised cyber security standards including:

  • The NCSC Cyber Assessment Framework (CAF)

  • Cyber Essentials and Cyber Essentials Plus for client certification purposes.

  • ISMS review, implementation and accreditation (ISO 27001)

  • Threat and risk assessment

  • Security policy development and review

  • Security training and awareness

Skills & Attributes Required

  • Knowledge and experience in IT Governance, Risk & Compliance relevant to cloud and on-premise technology stacks, security and DP related compliance, legal & regulatory frameworks and standards, including Cyber Essentials Plus, ISO, ISO27001, Penetration testing, GDPR, others.

  • Experience of risk management principles and associated methodologies.

  • ISMS implementations and audit experience to ISO 27001.

  • ISO 27001 and Cyber Essentials in-depth working knowledge.

  • Ability to demonstrate expert knowledge and understanding of information security good practice.

  • Ability to provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.

  • Experience in working with technical and non-technical business personnel to C level, articulating security risks in a manner appropriate to the stakeholders.

  • Previous experience in delivering security awareness related activity.

  • Previous experience in third party assurance activities.

  • Knowledge of Information Security principles and concepts and knowledge of technical security controls.

  • Well organised and proactive, with excellent troubleshooting skills.

  • Strong presentation development and customer communication skills.

  • Proven ability to make sound pragmatic decisions and judgements under tight timelines.

  • Information Security certifications such as CISSP, CISA, CISM, CEH are beneficial.

  • Experience working with DTAC, DSPT, CAF and PSN beneficial.

  • Experience working with local government is desirable.

Who are Hytec?

Hytec supports the protection of data through managed cyber security, information governance, risk and compliance services. With over 30 years of experience in cyber security, we are widely recognised as experts in our field.

Our team of experienced security professionals, with a combined 200+ years of cyber security experience, has a deep understanding of the latest threats and trends in the cyber security landscape, and we are well-equipped to provide comprehensive and effective protection for organisations of all sizes.

Working across the public and private sector, Hytec is one of the few organisations suitably qualified to advise local authorities, health and healthcare suppliers on matters relating to IT security. Our consultants are specially trained experts who are aware of, and continually monitor changes to the many “baseline” standards that exist in the UK. We contribute regularly to speaking engagements when information security and assurance is on the agenda.

Benefits

🙌 Flexible working hours based around core hours and a relaxed working environment
🏢 Flexible working – we have people who love to come to the office, those who enjoy a mixture of home and office working, and lots of home-based colleagues around the UK
🏖 Enjoy your downtime with 25 days leave rising to 30 after 2 years (plus bank holidays)
Summer working hours
💰 Enhanced workplace pension scheme – salary sacrifice
🤕 Paid sick leave – enhanced sick pay for a generous period
🤒 Life assurance scheme
❤️ Compassionate and Bereavement leave for those difficult times in life
🧠 Mental health wellbeing – access qualified therapy-based support through our employee assistance programmes
👩🏾‍⚕️ Workplace wellbeing – we offer support, advice and access to a wealth of resources and encourage open conversations
🌈 Parental leave – enhanced maternity and paternity pay
💻 Eyecare vouchers

Equal Opportunity Employer: We celebrate diversity and are committed to creating an inclusive environment for all employees.
