IT Governance, Risk and Compliance Consultant
The successful candidates will review business processes, data flows, applications, servers, databases, points-of-sale, and network infrastructure against best practice approaches such as Data Protection Act / PCI DSS / ISO 27001 / CobiT, to identify areas of non-compliance and/or risk, and produce high level written reports to those clients.
Responsibilities of the role include:
* Oversee and assess all technology related compliance and security issues including information security, DR, privacy, user access and information integrity.
* Conduct risk assessments on compliance with organisational, regulatory and contractual requirements as they apply to the IT systems.
* Direct the implementation of policies, procedures and controls to ensure that practices remain in line with all relevant international laws and relevant industry standards.
Candidates should have strong information security experience, with a solid background in IT Audit, Information Risk, Information Security or PCI DSS.
* Third level qualification in an IT related field or equivalent experience
* A professional certification in the domain of Information and ICT security (e.g. PCI QSA; CISA; CISSP; CISM)
* A detailed understanding or practical experience in some of the following is considered essential:
* Knowledge and auditing experience of current legal and regulatory requirements around information security and privacy, including but not limited to
* PCI DSS,
* Data Protection,
* Compliance Audits etc.
* Minimum of 2 - 3 years' experience in an Information Security, IT Audit or Risk field
* Candidates with previous consultancy experience desirable