Barclay Simpson Recruitment
Information Security Consultant - Policies & Standards
Description
Information Security Policies and Standards Consultant
Overview:
Information Security Policies and Standards Consultant required for a market-leading financial services firm. The role is focused on the development, implementation, and continuous improvement of security policies, procedures, and standards across the organization. This role requires a deep understanding of security governance, industry standards, regulatory frameworks, and risk management to ensure the organization's information security posture remains robust and compliant with all regulations.
Duties:
- Lead the development, implementation, and maintenance of information security policies, standards, and guidelines to address evolving security risks and compliance requirements.
- Ensure security policies are comprehensive, consistent, and aligned with organizational objectives, regulatory mandates (e.g., NIST, ISO 27001, GDPR, HIPAA, etc.), and other industry best practices.
- Establish clear processes for periodic review, update, and approval of security policies.
- Advise on and ensure compliance with relevant security frameworks and regulatory requirements (e.g., NIST, SOC 2, PCI DSS, ISO 27001) for the entire organization.
- Provide subject matter expertise to help identify, assess, and mitigate information security risks.
- Coordinate with audit and risk management teams to ensure security policies and standards are being followed and risks are properly mitigated.
- Design and implement governance structures to monitor, enforce, and ensure adherence to security policies and standards across the organization.
- Develop and maintain a security metrics framework to evaluate the effectiveness of information security policies, standards, and procedures.
- Serve as a key stakeholder in organizational risk assessments, vulnerability management, and incident response planning.
- Collaborate closely with internal teams, including IT, legal, compliance, and business leaders, to ensure the successful adoption and execution of information security policies and standards.
- Lead and facilitate security policy training, awareness programs, and workshops across the organization to drive a strong security culture.
- Act as a trusted advisor to senior management, providing expert recommendations on security governance, policy issues, and risk management strategies.
- Stay current on emerging threats, security technologies, and regulatory changes to proactively adapt policies and standards to maintain best-in-class security practices.
- Lead efforts to continuously improve the organization's information security posture through policy enhancements and process optimization.
- Publish thought leadership content, and represent the organization at industry conferences, forums, and working groups.
Qualifications:
As an ideal candidate you will have an industry certification such as CISSP, CISM or CRISC. You will also have a proven track record of delivery in a similar role. Financial services experience is highly advantageous.