Cyber Risk and Assurance Consultant

Integrity360 is the largest independent cybersecurity provider in UK & Ireland, with Security Operations Centers in Dublin, Sofia and South Africa, and with around 580 employees, of which over 80% are technical.  We help our clients proactively identify, protect, detect and respond to threats against the ever-evolving cyber threat landscape.

Our ‘Security First’ approach positions security as an enabler and empowers our clients to do business securely.  In tandem with this is the requirement for our clients to manage cyber risk and compliance appropriately and proportionately in order to demonstrate effective corporate governance over their cyber estate, and that it is aligned to strategic business objectives.

Job Role & Responsibilities

We are currently seeking an energetic individual who wishes to further their career in the IT Risk, Compliance, and Security Consultancy space.  Integrity360’s Cyber Risk and Assurance team is working in a rapidly growing, fast paced environment with significant opportunities for development.  The successful candidate will provide deep, pragmatic and relevant advice to our clients, specifically surrounding Governance, Risk and Compliance elements of their business.

We cherish our talent, we nurture their skills, and we ensure they gain exposure to many sectors.  We ensure that they enjoy many positive and productive challenges and plan a path that helps them achieve their career goals.

Primary Duties/Responsibilities include:

·       Act as a virtual CISO on behalf of our customers

·       Strategically advise on, and manage the various risks associated within the client environment to safeguard information security.

·       Work with senior stakeholders where appropriate to embed security expertise in other functions.

·       Lead all aspects of, and continuously improve the governance and management of security to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.

·       Provide expert counsel and mentorship to clients’ senior leadership (including the board of directors) on security and its impact across business strategy, programs, products/services, and operations.

·       Guide the team and maintain compliance and security policies, standards, frameworks, procedures and guidelines, and ensure that they are aligned with the strategy and compliance programs.

·       Lead all aspects of, and continuously improve the governance and management of security and privacy to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.

·       Conduct privacy impact assessments and guide the customers in implementing good data privacy practices.

·       Work collaboratively with clients to assist in defining privacy and security governance requirements.

·       Evaluate the design and the effectiveness of clients’ current privacy and security controls from a risk, compliance and assurance perspective.

·       Identify opportunities for improvement for the customers whilst liaising closely with our extensive Sales team to develop leads for our technical services.

·       Assist our Sales team in developing proposals and respond to tenders and RFPs.

·       Conduct privacy and security audits.

·       Travel (national and international) may be required as part of this role, and as such a clean driving licence and access to a car are essential.

Desired Skills

·       A good level of senior leadership experience in risk, compliance and security management.

·       5+ years of experience in Cyber Risk, Compliance, and Security Management and Data Privacy.

·       Experience working with C-Level executives.

·       Excellent written and spoken communications skills and ability to deliver strong presentations to “C” level and technical audiences.

·       Excellent listening skills are essential so that you can communicate with the client, empathise with their situation and be able to demonstrate your understanding of their issues.

·       Flexibility in working methods and times (role may require you to work extra hours should the client call for it)

·       Experience working with Software/Infrastructure/Platform-as-a-Service solutions and architectures.

·       Excellent communication skills, especially the ability to communicate security and risk-related concepts to technical and non-technical audiences.

·       Ability to understand the business context and technology challenges and handle uncertainty and apply appropriate security solutions in response to multiple risks and needs.

·       Strong ability to understand PII and data flows from a technical perspective.

·       An ability to work with limited guidance but also as part of a mixed skilled team

·       Ability to understand technical requirements and functionality.

·       Ability to see the big picture and have a keen eye for detail in different situations while making sure the message is clear and understood by all levels within a business.

·       Strong understanding of industry standards in privacy (GDPR, ISO 27001, ISO 27701, ISO 27018).

·       Knowledge of relevant risk, compliance, and security frameworks, standards and regulations (such as SOC2, Cloud Security Alliance (CSA), NIST, COBIT, PCI-DSS, GDPR, DPA, ISO270xx, ISO31000).