£400 - £430 per day
Contract Spy Baring St, Manchester, UK
Mar 25, 2020
Duration not stated
Security Consultant - GDPR & ISO27001 - Technical Assessment

Security Consultant URGENTLY required to perform security assessment / GDPR review on multiple products, platforms and services as part of a wider security assessment initiative. The Security Consultant will be responsible for delivering multiple GDPR & ISO27001 technical security control and impact assessments. The Security Consultant will manage the solution technical Security review (incorporating 15 key controls), undertake evidence discovery, recording and reporting on the GDPR Security gaps and non-compliance across the solutions estate.

The successful Security Consultant will be responsible for:

- Identify and capture information relating to the system or application owner and produce a high level overview of the product, platform or service and its purpose
- Capture information to provide an agreed scoring system to monitor the level of compliance against a number of ISO/IEC 27001:2013 controls that have been identified as being relevant to GDPR for each product, platform or service
- Review information against the ISO27001 information security control framework for alignment
- Perform GDPR Security gap analysis & risk management
- Produce a detailed assessment report, including stakeholders, third parties and customer contacts who were consulted as part of the GDPR technical security assessment and the rationale behind any decisions made during the security assessment
- Develop a plan for continued control compliance to ensure business and security obligations are met and remain fit for purpose

This security project is on a defined scope and delivery of required / contracted services and is outside of IR35. This is a long-term assignment (estimate 1 year).

TO APPLY, PLEASE SEND CV ASAP.

KEY SKILLS: Information Security, ISO27001, ISO 27001, IEC 27001, PCI DSS, Security Audit, Risk Assessment, GDPR.
Previous roles in Security Architecture, Security Technical Authority, Security Design Authority, Cyber Security, network security, SIEM, CISSP, CISA, CISM would prove relevant.