We are looking for an accomplished, enthusiastic, and conscientious self-starting experienced consultant to provide impartial and independent advice and guidance on information risk management. Relevant information assurance experience and qualifications are required within the Security and Risk Consultancy Service.
* Making and recording accreditation decisions, confirming that residual risks on behalf of their organisation(s) are within the risk appetite(s) as recorded in relevant risk documentation escalating as appropriate.
* Identifying information risks that have implications beyond the relevant risk methodology and communicating them to the relevant owners.
* Ensuring relevant standards and policies are appropriately applied.
* Ensuring that all information risk management artefacts that are the responsibility of the Accreditor are established, proactively monitored, and kept up to date.
* Establishing risk assessment and agreeing the controls that will cover physical, personnel, procedural and technical domains.
* Building open and honest collaborative relationships with Risk Owners, IA Security Managers and any other key stakeholders using narratives to influence behaviours and actions, to meet the organisation's security requirements.
* Providing constructive and timely advice on information risk mitigation strategies and their implications.
* Providing updates on and relaying key issues pertaining to Risk Owners in team meetings and reviews.
* Proactively collaborating and sharing knowledge with other Information Assurance professionals.
* Ensuring that technical and business skills remain current, making time for personal development to be able to articulate risks in a way that is meaningful to others.
* Being able to justify their accreditation decision to stakeholders in terms of business objectives, threats, risks, vulnerabilities, controls, and business impacts.
* Providing constructive, pragmatic, and timely advice to others on whether proposed solutions are likely to result on significant risks that may go beyond the risk appetite of the business.
* Provide a comprehensive knowledge transfer on completion of individual tasking to an identified point of contact.
* Broad and expert knowledge of security controls and systems.
* Demonstrable experience in producing risk assessments in a UK Government environment.
* Demonstrable experience in providing security consultancy and technical IA solutions in a UK Government environment.
* Demonstrable experience in conducting compliance audits against standards, e.g. ISO27001.
* Familiarity of HMG Security Policy Framework, Information Assurance Standards and good practice.
* Relevant professional qualifications e.g. CISSP, ITPC.
* CCP membership desirable.
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks.
LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, we welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International Computer Consultants Ltd (Recruiter Awards for Excellence - Best IT, Best Public Sector & Gold Awards) and the most prestigious award that any business can receive The Queens Award for Enterprise: International Trade 2015.