Posted on: 2/10/2018

Job type: Permanent

Sector: IT

Sign up for job alerts

You will receive job alerts for:

Please enter your email address.

About ISF

The Information Security Forum (ISF) is the world's leading authority on information risk management. A not-for-profit organization, we supply authoritative opinion and guidance on all aspects of information security. We deliver practical solutions to overcome the wide-ranging security challenges that impact business information today. ISF Members have unlimited access to a library of reports about information security issues, along with powerful web-based solutions for security assessment, benchmarking and risk management. We also provide Member organizations with the opportunity to connect with other Members, so they can share, discuss and resolve the key information security issues facing their businesses.
About the Consultant role
The primary purpose of this role is to provide 'hands on' implementation consultancy to Member organizations. ISF's Consultancy Services are a chargeable 'add-on' to ISF Membership whereby Members can obtain customised support - provided at favorable rates directly by the ISF - to assist them in implementing ISF deliverables to maximum effect. Typically short-term assignments (approximately 5 to 20 days), examples of Services to Assist engagements include:
* Undertaking information security assessments using the ISF's Benchmark / Security Healthcheck tools
* Implementation of the ISF's Standard of Good Practice to achieve compliance with the NIST Cyber Security Framework and other internationally recognized standards, such as ISO 27001/2
* Undertaking information risk assessments using the ISF's IRAM2 Information Risk Analysis methodology
* Delivery of training to equip the Member to implement ISF tools / methodologies consistently over time.

Delivery of Consultancy Services will typically involve interaction between the Consultant and senior staff in the Member organization, such as CISO, CSO, or CIO.

Required tasks

The Consultant will be required to:

* Liaise with the relevant Regional Sales Director in undertaking an initial assessment of the likely work
* Engage with the Member to scope the work to be delivered and determine phases and milestones
* Schedule the work to be carried out in a way that meets the Member need while at the same time respecting other commitments
* Deliver the Consultancy engagement to agreed timescales and in line with Member expectations
* Promote the benefits ISF Membership overall and identify any further opportunities for delivering Member value
* Escalate any general relationship issues identified during the course of the engagement to the Regional Sales Director
* Report on the outcome of the engagement to ISF Management
* Where requested, produce a case study that shows how the engagement delivered business value to the Member.

Required skills

The Consultant should have the following skills:

* Strong written and verbal communication skills (including the ability to present to large audiences)
* Sufficient gravitas to interact with senior individuals with ease
* Ability to diagnose an information security / information risk management-related issue and identify a solution that makes maximum use of existing ISF methodologies and tools
* Apply a structured approach to delivery of client engagements, ensuring the involvement of all relevant stakeholders
* Learn fast and apply this learning in value-focused interaction with Members
* Convey the ISF Membership proposition convincingly
* Display a strong team working ethic (required both when interacting with other ISF Team members and with teams within Member organizations).

Knowledge and experience requirements

The individual will be required to demonstrate the following:

* At least 10 years' experience in an information security-related management role OR experience working as a senior consultant in an information security-related consultancy role
* A sound understanding of the fundamentals of information security, information risk management and cyber resilience
* Knowledge of internationally-recognized information security-related standards, such as the ISF's Standard of Good Practice for Information Security, ISO 27001/2 and the NIST Cyber Security Framework
* A sound understanding of information risk analysis principles and information security assessment techniques.

The individual should be able to prove education to at least degree level. While an information security-related qualification/certification such as CISSP or CISM is not essential, it is desirable.

Technology requirements

* Strong command of Microsoft Outlook, Word, Excel and PowerPoint (MS Project is desirable but not essential)
* Sound understanding of business-focused social networking sites (such as Linked In) and a fast grasp of the ISF Live Member website (based on 'Jive' technology).

The individual will be provided with a MS Windows-based laptop PC.

Role location and travel

The individual will work predominantly from home when not undertaking client engagements.

Travel will be required throughout North America. In addition, travel to other international locations will be required from time to time, on demand. Expected travel is one week per month.
Send job by email

Apply for Consultant - Full time position
Reference: JO-1708-598
Apply now