Senior Information Security Consultant
About Us:
We are the tech company with people at heart.
At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services.
Position Overview:
Welcome to the exciting opportunity of a Senior Information Security Consultant at Advania UK! This advert outlines the primary roles and responsibilities for this dynamic position. While the list is comprehensive, it is not exhaustive, and we believe in evolving with the needs of our business. Whether you have experience in all these duties or not, your motivation and appetite to learn are what truly matter. We provide the necessary training to help you excel in this role.
As a Senior Information Security Consultant, you will be at the forefront of engaging with clients on various cyber security projects. Your role will involve defining and delivering tailored solutions to meet client needs, establishing and maintaining processes, tooling, and metrics to ensure high productivity and operational readiness. You will also play a crucial part in project planning activities, service enhancements, and mentoring co-workers on governance, risk, and compliance issues. Your expertise will ensure that all projects are delivered with the highest quality.
Key GRC capabilities
Policy Development
Gap Analysis
Risk Assessments
Auditing
ISMS Implementation
Cyber Strategy
Ongoing Consultancy Role Responsibilities
Develop and maintain delivery processes for IT information security services to ensure are operating effectively and keeping up with latest developments in security strategy and security standards
Deliver security engagements on and off client sites around the UK and occasionally internationally
Develop and maintain tooling that supports the delivery process for GRC services
Play a significant role in long-term IT information security strategy and planning, including initiatives geared toward operational excellence Qualifications & Experience:
The right candidate for this role will have:
Professional work experience in the Governance, Risk & Compliance or security management domain
Ideally an industry recognised qualification such as CISA, CISM, CISSP or any SANS certifications In addition to above, you will be able to demonstrate capability across a number of the areas listed below:
Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection
Awareness of popular security and compliance products and their capabilities or the ability to rapidly learn about security products that you come across during client GRC engagements
Exposure to automation in risk and compliance, for example through GRC portals
An understanding of well-known standards such as ISO27001, PCI DSS, as well as frameworks such as NIST.
Experience in risk assessment/analysis methodologies
Good understanding of data privacy laws such as GDPR and ability carry out compliance audits
Developing and delivering user awareness training to clients through online content and in person high impact classroom-based training The budgeted base salary for this role is between £60,000 - £80,000 per year.
Click here for the list of benefits.
This is a remote-first hybrid role. See here for details about our hybrid workstyle.
#LI-Hybrid
Our Selection Process:
We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law.
Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
As part of our commitment to our clients we will need to carry out background checks, including a criminal record check, for all offers of employment. If you have any unspent criminal convictions or questions about the screening process, please notify your recruiter once the application has been submitted