What success looks like in this role:
The
Security Consulting Manager
plays a crucial role in maintaining a secure client environment and in meeting our contractual requirements. In this client-facing role, you will need to be involved in all aspects of the client engagement, from the design of the solution to the implementation phases of the project. You will mainly be involved in overseeing information security issues in the steady-state delivery of large Enterprise engagements.
You will deliver value to client engagements by:
Maintaining a Security Risk Register that holds the up-to-date status of all risks within the scope of the services to be delivered for projects and BAU operations, the impact on business from those risks and agreed with mitigations/controls to manage those risks.
Documenting and articulating business requirements and evaluating the functionality, costs, and benefits of potential business solutions to meet those requirements.
Monitoring and reporting on the remediation activities to mitigate the risks as part of projects or BAU operational reports.
Maintaining a fit-for-purpose set of security standards that are applicable for applications (e.g., NIST) ISM infrastructure and Operations.
Validating and updating the risks progressively through periodic tests designed to maintain their currency from changing business operations or technology landscape efficiently and effectively.
Raising incident reports as and when security incidents get reported via Unisys SOCs, and working with client IT Operations Lead to implement mitigations/controls in a timely manner.
Providing security requirements for any new solutions and verifying that the solution components or designs meet those requirements efficiently and effectively, working closely with the technical teams.
You will be successful in this role if you have:
Knowledge & Experience in NZISM (New Zealand Information Security Manual).
Ideally, you will have an NV1 Security Clearance or be able to obtain one.
Minimum Bachelor's Degree (Specialization in Info Security is required).
Background in GRC and consulting/advisory interest is highly considerable.
7+ years of proven experience in the Information Security domain.
Strong stakeholder management and rapport building skills.
Demonstrated experience in reporting to CISO/senior security leadership is highly advantageous.
Adept at understanding the overall security/threat landscape and proposing solutions to mitigate risks from this environment.
Excellent understanding of tools and processes used for strengthening information security posture (Infrastructure Security devices – IDS/IPS, FW, VPN; ISO 27001 controls).
Excellent verbal, written and presentation skills and ability to work with virtual teams.
Must have a good understanding of IT infrastructure architecture.
Must be an intelligent, articulate and persuasive individual who can serve as an effective advisor to the senior client security leadership.
Able to communicate security-related concepts to a broad range of technical and non-technical staff and drive security across multiple teams.
Ideally, you will have or be seeking to obtain Security certifications such as – CISA, CISM, CISSP, ISO 27001 etc.
#J-18808-Ljbffr
