Senior GRC Consultant
Senior GRC Consultant, London, Contract, GRC, ISO27001, PCI DSS, ISMS
My client, a Payments Services company, are looking for a senior GRC Consultant to act as a subject matter expert for all Governance, Risk and Compliance matters within the organisation and to manage the day-to-day operations of their Information Security Management System.
The ideal candidate will be a driving force behind the company's project to obtain ISO 27001:2013 certification and ensure that their Information Security Governance policies and procedures meet security best practices, including improvement of the security culture and delivery of a security awareness programme. This will include ensuring that all 3rd party suppliers are measured against the ISO 27001 framework.
The key responsibilities of this role will include maintaining all documentation pertaining to policies, standards, control engines/scorecards and all associated control registers, promoting a security awareness culture organisation-wide and defining and executing Information Security Policy compliance. This will include supporting change as the internal SME for all Information Security related matters and working with all internal Information Security and SOC teams to ensure both internal and external security.
To be applicable for this role you must:
• Have significant professional experience of/certification in ISO27001, PCI-DSS, CISSP, CISM, GPG 30/47, ITIL
• Certified Information Security Manager (CISM) or an equivalent certification
• An in-depth understanding of Information Security Governance, Risk and Compliance practices, policies, controls and best practice
• A sound understanding of working with cloud infrastructure, project management and DevOps
• Experience of taking an organisation through ISO27001 certification, preferably as an ISO27001 lead implementor/auditor
• Experience of maintaining, developing and implementing an Information Security Management System (ISMS)
• Preferable to h