Information Assurance Consultant

  • Full Time
  • Bristol

Website ProtectionGIntl PGI - Protection Group International Ltd

About Us

PGI’s cyber division will experience considerable growth in 2021 and the successful candidate will be able to work with minimal supervision to deliver high quality consultancy across a range of clients and services in the area of information assurance (IA). IA consultancy is a cornerstone of PGI’s cyber security services, and includes, but is not limited to:

  • Information Security Management System (ISMS) design and implementation
  • GDPR gap assessments and implementation support;
  • DSPT gap assessments and implementation support;
  • ISO 27001 scoping, gap assessments, and implementation in preparation for certification;
  • PCI DSS scoping, gap assessments, implementation guidance, and compliance reporting;
  • Cyber Maturity Modelling to baseline organisations against a COBIT-like 0 to 5 maturity scale;
  • Third-party / supplier assurance reviews; and
  • Cyber threat intelligence analysis and reviews; and

Our approach to our consultancy work is that IA must be tailored to fit the unique context of each client in order to deliver maximum value and effect. Our client base for this work is diverse, ranging from small to medium enterprises through to major UK and overseas government organisations.

Cyber security training is also a major area of growth for the company and PGI currently delivers large-scale training and skills consultancy offerings to several overseas government clients. Integrating current and real-world experience of cyber security and the threats faced by real clients to our training is a key aspect of our work. Ideally, the successful candidate will be able to contribute towards PGI’s training offering, either by providing input to training collateral or delivering training.

Finally, as a cyber security provider, PGI’s own security stance must be beyond reproach. The successful candidate will play an active role in ensuring that PGI maintains high standards of security, including ISO27001 certification.

Specific tasks and requirements for the role are:

  • As directed, undertake IA consultancy work, including but not limited to, gap analysis and implementation advice for: PCI DSS, DSPT, ISO 27001, GDPR, risk management, business continuity and PGI’s in-house Cyber Maturity Modelling offering.
  • Be responsible for the development and effective management of client relationships.
  • Work with the IA team and other teams within PGI to provide expertise on appropriate information security controls for PGI.
  • Contribute to the PGI Cyber Information Security Management Forum (ISMF), including engaging with senior management to demonstrate newly identified security risks, suggesting risk mitigation strategies and providing updates on ISMS performance and continuous improvement.
  • Assist with the production of appropriate security metrics.
  • Provide subject matter expertise and input in relation to written bids for new IA consultancy work.
  • As directed, deliver and/or edit training collateral on the subject of core IA topics.

Person Specification

Essential

  • Very strong written and verbal communication skills, especially in relation to writing and implementing security policies and procedures.
  • The ability to work collaboratively as part of a team.
  • Experience in building internal and external stakeholder relationships.
  • At least 2 years’ experience in information assurance-related consultancy work, including audits against information security standards.
  • Sound knowledge of the PCI DSS standard and requirements for compliance against this standard.
  • Sound knowledge of the ISO 27001 standard and requirements for compliance against this standard.
  • Outstanding personal drive and integrity.

Ideal

  • ISO 27001 Lead Auditor / Lead Implementer.
  • CISSP.
  • PCIP, ISA or QSA.
  • Understanding of the Data Protection Act (DPA) and experience of providing consultancy on this subject.
  • Understanding of Business Continuity/Disaster Recovery planning.
  • Previous experience of building and delivering information security training.
  • Broad knowledge of IT systems and network security, with hands on exposure to various security products.
  • Project management skills including financial/budget management, scheduling and resource management.

Above all, we are interested in your attitude and willingness to get up to speed quickly. Opportunities for technical and personal development, including professional accreditation, will be given to the right candidate.

PGI is committed to equality of opportunity and a diverse workforce. Part time candidates are also welcome to apply for this role.

STRICTLY NO AGENCIES, THANK YOU

Job Types: Full-time, Part-time, Permanent

Salary: From £40,000.00 per year

Benefits:

  • Bike to work scheme
  • Casual dress
  • Company pension
  • Employee discount
  • Gym membership
  • Life insurance
  • On-site parking
  • Private medical insurance
  • Referral programme
  • Sick pay
  • Work from home

Schedule:

  • Monday to Friday

COVID-19 considerations:
Offices are socially distanced and risk-assessed. Minimal requirement to attend office base.

Experience:

  • Information Assurance Consultancy: 2 years (preferred)
  • PCI DSS standard and requirements for compliance: 1 year (required)
  • ISO 27001: 1 year (required)

Licence/Certification:

  • Right to Work in the UK as an employee (required)
  • CISSP (preferred)
  • PCIP, ISA or QSA (preferred)

This is an employed position. Applicants must have the right to work as an employee in the UK.

To apply for this job email your details to Careers@pgitl.com.