Information Security Consultant – Resolution IT

The Information Security Consultant is a highly valued member of the information security team, responsible for maintaining and advising our specific security clients, helping them maintain their security certifications and ensuring compliance to regulatory standards. We are looking to hire an experienced consultant who has already developed a strong foundation in information security practices and principles. This is a client facing role, requiring strong communication skills and ability to translate technical security concepts to non-technical stakeholders.

Key responsibilites

• Provide expert advice and guidance on security policies, procedures, and standards in alignment with Cyber Essentials, Cyber Essentials+, IASME Cyber Assurance and ISO27001frameworks.
• Conduct comprehensive security assessments, audits, and risk analyses to identify vulnerabilities and ensure compliance with industry standards.
• Develop and implement security solutions tailored to client needs, ensuring the protection of sensitive data and systems.
• Collaborate with clients and internal teams to design and implement security strategies.
• Deliver training and workshops to clients on security best practices and protocols.
• Prepare and present detailed reports on security status, incidents, and improvements to clients and senior management.
• Stay updated with the latest security trends, threats, and technologies to proactively address potential risks.
• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.

Key criteria

• Extensive experience in IT with significant experience in an Information Security role
• Good understanding of the following regulations, GDPR, GFSC Cyber Rules and Guidance, Jersey Cyber law.
• Good working knowledge of Cyber Essentials, Cyber Essentials+, ISO27001, and IASME Cyber Assurance standards.
• Excellent communication skills to influence across hierarchical, organisational, cultural and market boundaries.
• Professionally qualified holding a recognised security accreditation (CISSP/CISM/CISA etc.,) or equivalent experience with demonstrable Continuous Professional Development.
• Good understanding and experience of integrating security into software or product development lifecycle and cloud security.
• Good understanding of the international regulatory context, particularly data privacy.
• Adept at articulating IT security and technical issues to technical and non-technical audiences in a clear and actionable manner.
• Strong commercial acumen when taking actions or making decisions.
• Comfortable with ambiguity and to work highly autonomously.

What do we offer?

Aside from a competitive salary, this position is based in our Guernsey office where the following benefits apply:

• Pension scheme
• Medical scheme
• Generous holiday entitlement
• On-site company gym (Guernsey office)
• Mileage allowances for business travel
• Health and well-being activities and company socials
• Professional development with support towards qualifications and training