Information Security Consultant (Policies)
Leading Retail firm require an Infosec consultant to be responsible for the definition and implementation of refreshed Information Security policies and procedures and to support the Head of IT Security Policy, Awareness & Culture to ensure that work to improve Information Security policies is managed and well-understood.
The Infosec Policies consultant will have the following experience:
- Understand how the policy is managed / enforced today and how it is documented.
- Undertake detailed workshops to design and agree improved policies & procedures.
- Create policy documentation, including procedures and other necessary documents.
- Development policy exception processes, where necessary.
- Ensure the improved policies are agreed and embedded with the relevant audiences.
- Facilitate co-ordination between the multiple parties involved in policy development, to achieve desired outcomes.
- Assist with the audit, measurement and reporting on improved Information Security policy adherence, to demonstrate success
- Excellent understanding of Information Security policy development and customisation.
- Strong understanding of leading industry security standards, associated controls, and audit requirements for compliance. Knowledge of NIST Cybersecurity Framework and ISO 27001/27002 preferred.
- Good communication skills, written and verbal. Ability to lead discussions with both highly technical and non-technical individuals.
- Ability to co-ordinate with multiple teams, including stakeholders in other geographies.
- Previous experience writing and editing policies, procedures, or other technical communications.
If interested, please do not hesitate to apply to the advert or contact Molly Lamb at Molly.Lamb@lafosse.com