Hiring a Senior Information security consultant with a good Understanding on the full IT Security lifecycle

Long term contract

Remote in the UK or EU

rate per day doe

*Responsibilities:*

.*Governance Risk Compliance (GRC):*

- Support in Develop, implement, and maintain robust information security programs, plans, and processes.

- Assist Allocation of proficient resources for program execution.

- Manage operational procedures and ensure compliance and documentation of security procedures and processes.

- Regularly review program status with security manager and clients.

- Identify and assess technical impacts on security, including SAAS, cloud, and mobile.

- Conduct comprehensive vulnerability assessments and propose effective remediation strategies.

- Monitor and report on the progress of vulnerability remediation efforts.

- Assist in Ensuring alignment with TFS Enterprise Risk Management program.

- Stay abreast of emerging industry standards and technologies.

.*Security Engineering:*

- Support in Architect and maintain enterprise-level security frameworks.

- Support in Embedding security requirements throughout development and acquisition cycles.

- Oversee identity and access management systems, including Active Directory.

- Implement and assess controls to safeguard software and applications.

- Support in Maintaining exhaustive inventories of network, hardware, and mobile assets.

- Deploy and manage controls for network and system protection, including intrusion prevention and detection.

- Oversee configurations and changes for all IT assets.

.*Security Operations:*

- Collect and analyze intelligence from various sources to identify threats.

- Support 24/7 Security operations center as L3 security

- Proactively manage and mitigate security threats to organizational assets with support of SOC.

- Maintain situational awareness through intelligence analysis and reporting.

- Execute effective management of vulnerabilities, viruses, and malicious code.

- Perform ad-hoc security assessment for new software and systems

- Support security manager in security related projects

- Perform and support in house penetration testing and configuration assessment

.*Incident Management:*

- Support SIRT Leader in security incident management, including detection, analysis, and response.

- Support in Development and refine incident management, business continuity, and disaster recovery plans.

- Support in Conducting regular tests, exercises, and drills to evaluate response effectiveness.

- Perform detailed problem management, root cause analysis, and post-incident reviews.

- Support forensic investigations and collaborate with law enforcement and regulatory bodies.

*Qualifications:*

- Extensive hands-on experience in information security, with a strong technical background.

- Deep understanding of security operations, including perimeter defense, data loss prevention, and threat analysis.

- Proficiency in managing security tools such as SIEM, vulnerability management, and intrusion detection systems.

- Advanced knowledge of network protocols and vulnerability assessment techniques.

- Familiarity with the current cyber threat landscape, including threat actors and attack methodologies.

- Experience in forensic analysis and DDoS mitigation techniques.

- Ability to prioritize tasks independently and maintain detailed documentation.

- Strong problem-solving skills and a collaborative mindset.

- Preferred certifications include CISSP, CEH, and GIAC certifications (eg, GCIH, GPEN, GWAPT).

Email (see below)