Information Security Project Assurance Lead

This job does not exist anymore.

Try running a new search or browse our vacancies.

Or fill in the form below to receive job alerts.

2017-11-16 14:05:221970-01-01 ViaResource
Job Type Permanent Full Time
Location Holborn, London
Area London, United Kingdom Holborn, London
Sector Retail
Salary £60,000 - £65,000 plus bonus and benefits
Start Date ASAP
Telephone 02033271996
Job Ref JXL10459

Our client, a well known retail organisation within the UK, are looking for an Information Security Project Assurance Lead with management experience to help ensure that IT projects are delivered securely, protecting client and employee data.
Duties & Responsibilities

  • Lead a team of up to 12 Security Analysts engaged in delivering End to End Project Assurance i.e.:
    • Manage internal security assurance for internally developed applications within a DevOps environment
    • Scope penetration testing for both internal and external facing applications with external testing providers
    • Manage external resources to ensure that penetration testing is carried out to a suitable standard on time and within budget
    • Responsible for ensuring that vulnerabilities identified via internal or external security testing are suitably mitigated and any residual risks are documented and formally accepted
    • Conduct Information Security Risk Assessments using the Information Security Risk Management Process
  • Responsible for the information security management discipline, ensuring an effective and coordinated set of processes are developed and maintained across all services, suppliers and customers:
    • Ensures the Information / document / content storage, retention and management policies and procedures are maintained and aligned to industry best practice
    • Ensures the benefits of Information security and concept of risks is understood by all colleagues
    • Pro-actively manages security risk assessments and mitigation plans to address risks within agreed timescales, evaluating business impact
    • Provides advice and guidance associated with the planning, design, implementation and improvement of system security taking account of current best practice, legislation and regulation
  • Ensures all projects consider the security implications throughout the project lifecycles:
    • Security risks are identified early on and catered for in the solution design and that the resulting implementation addresses these risks
    • Authorises implementation of procedures to satisfy new access requirements, or provide effective interfaces between users and service providers
    • Works with the internal Legal team to ensure Data protection regulation is supported by all IT systems and processes
  • Reports effectiveness of information security against industry standards and agreed KPI’s, along with Security Incident Response Plans
  • Ensures the specific technical skills required are provided to manage and maintain security
  • Liaises with industry and national bodies (including regulators and auditors) to ensure the appropriateness of the information security function, e.g. PCI compliance

Desired Skills & Experience

  • CISSP or CISM essential; CRISC, CCSP, CEH or equivalent desirable
  • Computer Science degree and/or MSC in Information Security desirable but not essential
  • Working knowledge of different delivery methodologies including Waterfall, Agile and Hybrid. Knowledge and skills to manage Penetration Testing processes and remediation
  • Has a broad knowledge and understanding of IT concepts and architectures including Cloud, BYOD, Mobile Device Management etc.
  • Proactively takes responsibility, owns any issues arising and follows through to resolve them, recognising how individual responsibility impacts team delivery and inspires others to do the same
  • Knowledge of OWASP vulnerabilities, tools and methodologies
  • Demonstrates extensive knowledge of good security practice covering the physical and logical aspects of information products, systems integrity and confidentiality
  • Expert in methods and techniques for risk management, business impact analysis, countermeasures and contingency arrangements relating to the serious disruption of IT services
  • Expert in tools or systems which provides access security control (i.e. prevents unauthorised system access)
  • Strong current knowledge of PCI, DPA and ISO27001

For more information about this opportunity, please contact Julie Liu on 0203 327 1996.

Job TypeClear
Sign in
Similar Jobs
  • Application Security Architect
    United Kingdom , South East , Thames Valley

    As one of the first, specialist, information security recruitment consultancies, Via Resource have developed unparalleled insight and knowledge of the information security market accompanied by a vast network of contacts and opportunities for clients and candidates alike.     The ro...
  • Penetration Tester
    United Kingdom , South East , London

    As one of the first, specialist, information security recruitment consultancies, Via Resource have developed unparalleled insight and knowledge of the information security market accompanied by a vast network of contacts and opportunities for clients and candidates alike.     The ro...
Email Me Jobs Like This
Subscribed to similar jobs notifications



Via resource Group
Braywick House West
Windsor Road
United Kingdom

+44 0203 327 1996

Our partners

REC Logo 2 cyber essential logo2 Crown Commercial Service G Cloud 8

We use cookies to provide you with the best possible browsing experience on our website. You can find out more below.
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
ResolutionUsed to ensure the correct version of the site is displayed to your device.
SessionUsed to track your user session on our website.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Google AnalyticsGoogle Analytics is an analytics tool to measure website, app, digital and offline data to gain user insights.

More Details