<p>Our client is looking for an <strong>Intermediate Cyber Security Consultant</strong> to provide cyber security advisory and implementation support within a regulated insurance environment. The role is offered on a <strong>12-month contract</strong> with <strong>Onsite working model</strong> and requires a consultant with strong governance, risk, and compliance (GRC) foundations, as well as practical cloud security experience.</p><p><br></p><p><strong>Contract Details:</strong></p><ul><li>Contract Duration: 12 months</li><li>Working Model: Onsite</li></ul><p><br></p><p><strong>Key Responsibilities</strong></p><ul><li>Support the implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in alignment with <strong>ISO/IEC 27001</strong> standards</li><li>Conduct cyber security risk assessments and gap analyses, identifying control weaknesses and recommending remediation actions</li><li>Provide security oversight and advisory support for <strong>Azure cloud environments</strong>, including identity and access management, network security controls, logging, and monitoring</li><li>Assist with the development, review, and enforcement of information security policies, standards, procedures, and guidelines</li><li>Support regulatory and compliance requirements relevant to the insurance industry, including internal and external audits</li><li>Participate in incident response activities, including investigation, root cause analysis, and post-incident reporting</li><li>Collaborate with IT, risk, compliance, and business stakeholders to ensure security controls are embedded into systems and processes</li><li>Support vendor and third-party risk assessments and security reviews</li></ul><p><br></p><p><strong>Key Deliverables</strong></p><ul><li>ISO 27001-aligned security documentation, including policies, standards, procedures, and control evidence</li><li>Cyber security risk assessment reports and remediation plans</li><li>Cloud security assessment findings and recommendations for Azure environments</li><li>Audit support artefacts and compliance evidence packs</li><li>Incident response reports and lessons-learned documentation</li><li>Regular cyber security status reports and risk updates to key stakeholders</li></ul><p><br></p><p><strong>Mandatory Skills &amp; Experience</strong></p><ul><li>+4 years expeirence as Cyber Security Engineer</li><li>ISO/IEC 27000 series experience(<strong>non-negotiable</strong>)</li><li>Microsoft Azure certifications<strong> (non-negotiable) </strong></li><li>Previous cyber security experience in an <strong>insurance or financial services environment</strong></li><li>Strong foundational cyber security experience across governance, risk, compliance, incident management, and security controls</li></ul><p></p>
Sourced from external listing
Miprint Consulting
Recruitment Agency
Sourced from LinkedIn