As the cyber arms race and technology revolution continue to outpace the ability of organisations to cope with the plethora of security, performance and availability issues, we are best placed to help you manage the risk and limit the threat.
With our knowledge, experience, capability and global footprint we are committed to ensuring that organisations have access to a total information assurance solution that works for them.
Our two complementary divisions, Escrow and Assurance, provide comprehensive end-to-end information assurance for over 15,000 organisations worldwide.
ROLE SPECIFICATION JOB TITLE:
NEGOTIABLE (West Coast or New York preferred)
Audit and Compliance
PRIMARY JOB PURPOSE:
To deliver consultancy and manage assignments for clients. Working in multiple industries, with diverse technologies, processes, and governance frameworks.
Experience in Information Security Architecture or Information Security Management (Policy, procedures, controls, awareness, ISO 27001, HIPAA/HITECH, PCI-DSS, FFIEC, etc.)
Risk Management / Risk Treatment
Excellent Client facing skills
Delivery of Information Security assignments & gap analysis work
Management of Information Security assignments
Excellent report writing skills.
Experience of Business Continuity Management and Disaster Recovery
Government (federal or state) experience in Information Assurance, Policy delivery and Risk Assessment
Knowledge of Information Assurance and Security Standards such as NIST SP-800 series
PCI-DSS auditing (Qualified Security Assessor)
ISO 27001 Lead Auditor
Familiarity with IT Controls, Risk Management, and Governance frameworks, such as ITIL, and CObIT
Familiarity with secure development lifecycles
TYPE OF EXPERIENCE:
Previous experience of working as a consultant in any market sector
Previous experience of developing accounts and customer relations
AMOUNT OF EXPERIENCE:
Working in Information Security
Good communicator to multiple levels and audiences within an organization
Credibility and high professionalism
This role will be working side-by-side with iSEC Partners consultants, a subsidiary of NCC Group. iSEC Partners is a proven full-service security consulting firm that provides penetration testing, secure systems development, security education and software design verification. iSEC Partners' security assessments leverage our extensive knowledge of current security vulnerabilities, penetration techniques and software development best practices to enable customers to secure their systems against ever-present threats on the Internet.
Primary emphasis is placed upon helping software developers build safe, reliable code. Areas of research interest include application attack and defense, web services, operating system security, privacy, storage network security and malicious application analysis.
Our goal is to create a new standard for customer satisfaction and become the pre-eminent leader in security consulting, research and tool development.