|Job company||Uni Systems|
|Job specification:||Posted by
HR Generalist at Uni Systems
Member of the ICT & Managed Services Technical Division, the Information Security Consultant ensures that both software and infrastructure is designed and implemented to the highest security standards. Aiming to enhance the information security posture as a whole, the job holder proposes and analyzes information security solutions as well as implementations from a security perspective. Primary responsibilities include:
Development and application of Information Security Management System (ISMS), including security policies, procedures, guidelines in order to comply with the ISO 27001 framework.
Development and application of Business Continuity Management System (BCMS), including security policies, procedures, guidelines in order to comply with the ISO 22301 framework.
Assess, design and implementation of end-to-end privacy and security projects/solutions, including the development of strategy, architecture, processes, governance, training/awareness etc., in order to comply with existing frameworks (e.g., ISO 27001, ISO 22301, GDPR).
Meet with clients in order to advise them on new services/solutions
Provide an effort estimation of the project
Create and conduct presentations regarding all aspects of the project/solution
Attend client meetings in order to define the desired deliverables
Participate in the presales process in collaboration with the Presales/Solutions teams
Create documentation and revise the deliverables for complicated/ important projects
Research and evaluate new technology products in order to develop new solutions in collaboration with the Presales team
Conduct reports regarding the progress of the project
Ensure that the time frames for the delivery of the project are met
Ensure the resolution of issues in projects that have already been delivered
Act as escalation point for the resolution of important issues
Act as Technical Account Manager for the company’s clients
Coach and guide colleagues on Information Security related issues
Take care of his/her continuous education and awareness in new products/technologies
Participate in events for further education/development
Qualifications - External
University/College degree in Information Security, Risk Management, Computer Science, or other relative discipline
Master’s Degree in Information Security or relative discipline is desirable.
At least 5 years of proven expertise in Information/Cyber Security/Privacy Consulting.
Very good level of understanding on established Information Security frameworks (i.e., NIST, ISO 27001) and Governance Risk and Compliance (GRC)
Very good level of understanding on Information Security technical solutions.
At least 2 years of experience in:
o Developing Information Security/Data Privacy related Documentation.
o Conducting risk assessments and knowledge relevant methodologies (e.g., CRAMM, OCTAVE, NIST SP800-30, ISO 27005:2011).
Information Security/Privacy related certifications are required, such as (but not limited to): CISSP (and/or any of its concentrations), CISA, CISM, CRISC, CDPSE, ISO 27001 LA, ISO 22301 LA, CIPP
Excellent knowledge of English language (written and verbal)
Flexibility/availability to travel abroad
Genuine interest in exploring and working with new technologies
Information Technology & Services