The Information Security, Risk and Compliance Consultant will collaborate with compliance, security, and general IT risks to ensure that IT supports the business objectives of the group, while enforcing policy and standards and ensuring project implementations are consistent with local, regional, and global strategy.
Duration: 6 months
Day rate: $1,000 including super
Working Model: Hybrid working (3 days in the office, 2 days WFH)
Key responsibilities
The main function of this role will be to conduct third-party infosec due diligence, as there is a current backlog across the business.
Other duties may include
- Third party vendor assessments
- Remediation action review, analysis, and management.
- Cloud security assessments
- Business / IT Application assessments (incl. pre & post implementation reviews)
- Regulatory assessments (local regulations, ISO27001, PCI, SOC2 etc.)
- Minimum 3-5 years professional experience in Information Security related fields and/or IT Risk Management
- One or more of the following Information Security related certifications is desirable: CISA, CRISC, CISSP and/or CISM.
- PCI ISA and/or ISO27001 experience / certification is a plus.
- Ability to operate using highly developed consulting and influencing skills, and able to communicate security-related concepts to a broad range of technical and non-technical staff.
- Strong risk management and Information Security skills.
- Big4 Information Security consulting and/or IT audit experience is a plus.
- Insurance industry understanding would be highly beneficial.
Additional information
- Hybrid Working - 3 days in the office, 2 days from home
- ISO experience is essential; certification is beneficial
- Insurance experience would be an advantage