Private & Confidential Job Specification – Managing Consultant, Information Security Salamanca Group Salamanca Group is a privately owned, Merchant Banking and Operational Risk Management business. The Group has a global presence with a focus on growth markets and complex jurisdictions. We have a strong culture of achievement, a strong client-focus and a strong team spirit. The Group has a distinct and compelling proposition by combining investment, advisory and trust services with operational risk and project delivery expertise. This combination of traditional Merchant Banking practices and values with Operational Risk Management expertise provides us with the ideal platform to truly add value and help our clients meet today’s challenges and opportunities. The Group currently has seven business units which work in synergy to enable business, protect assets and grow capital, helping our clients achieve their personal, corporate and financial goals. Our Vision By combining the approach of pioneering merchant banks of the past with a modern day risk management overlay, we aim to become a global leader in the provision of services that enable business, protect assets and grow capital. People will aspire to be associated with our business which will be underpinned by long term, trusted relationships with our partners, clients and employees. Salamanca Group – Cyber Security As part of the Corporate Risk Services business unit, the Cyber Security team provides expert information security services to corporates, family offices and high net worth individuals across the globe. We provide cutting edge solutions to identify, mitigate and manage information security threats 24/7 to ensure confidentiality, integrity and availability of information. Core services include: Managed Security Services Risk Assessment & Risk Treatment Planning Information Strategy & Investment Planning Compliance & Regulation Vulnerability Assessment & Penetration Testing Network Security Architecture Incident Response & Computer Forensics Salamanca Group believes that people and process should be the first port of call when looking to improve security posture. We combine our information security expertise with our financial JD 1 Private & Confidential expertise to ensure that our clients spend effectively on security and make measurable advances in risk mitigation. The Cyber Security team comprises leading and certified experts who use tried and tested methodologies to support clients. The breadth and depth of the team’s skills ensure that clients always get leading advice on all aspects of information security when they most need it. Additionally the close ties with the physical security team ensure a holistic approach to managing risk. Managing Consultant, Information Security Salamanca Group is seeking to recruit a Managing Consultant within the Cyber Security team. This is a full time, permanent position and the successful applicant will report directly to the Head of Cyber Security, Rory Innes. The role will be based at our headquarters in Mayfair, London but the candidate must be able to travel up to 60% annually. The Managing Consultant will provide information security consultancy to our clients, support internal information security programmes, drive new revenue and support pre-sales activity. The candidate will be a highly experienced information security consultant with experience in developing strategic direction and defining & planning for risk. A broad knowledge of information security is essential, this must encompass a good understanding of the practical application of security technology, as well as its theory. The successful candidate will combine years of consulting experience with deep information security expertise. Experience of successful information security delivery across a range of disciplines into small, medium and enterprise organisations is a must. The successful candidate will be a strong communicator who is comfortable whether presenting to the C-Suite or talking tech with the IT team. Excellent documentation and presentations skills a must. The role involves: Delivery of information security consulting to Salamanca Group’s clients across a broad range of disciplines. Conducting comprehensive information security workshops, assessments, architecture and investment plans against existing and emerging threat vectors and trends. Supporting the build and evolution of consultancy tools and frameworks. Engaging with the Salamanca Group IT team to help drive ongoing internal risk management activity. A range of pre-sales activity including RFP response, proposal development, pre-sales consultancy, presenting to potential clients and solution design/effort estimates. Creation of customer ready documents and presentations. Project management of multiple consultancy engagements. Support in development of cyber security department objectives and strategy. JD 2 Private & Confidential Qualifications & Experience The successful candidate will need to have the following competencies:Required Certified in information security – CISSP, CISA or CISM. 10+ years working in information security. 5+ years’ experience in information security consulting. Knowledge and implementation/consulting experience in managing risk and compliance projects. Solid understanding of best practice control frameworks and regulatory requirements. — Good working knowledge of security technologies and IT environments. — Incident response experience. — English: Fluent. — — — — Preferred — Degree in Information Technology. — ISO27001 Lead Implementer qualification. — PCI QSA. — GCIH: GIAC Certified Incident Handler — Experience with family offices or high net worth individuals. — Experience with maritime cyber security. — Broad exposure to a range of consultancy disciplines such as GRC, incident response, security testing, computer forensics, security training, identity & access management. — Experience of working with Managed Security Services pre-sales, integration and solution design. — Additional languages a bonus. Key Personal Skills The successful candidate will need to have the following skills and attributes:— A passionate interest in information security and dedication to continued professional development. — Ability to lead successful information security programmes in a range of small business up to global enterprises. — Sound knowledge of common technology controls such as SIEM, firewalls, IDS/IPS, encryption etc. — Proven ability to lead cross-functional teams and ensure cohesive efforts toward a shared goal. — Must have a broad understanding of customer's environments and be able to intelligently and strategically discuss Salamanca Group’s solutions/service delivery capabilities as they relate to our security services and client needs. — Must have skills and knowledge to allow for successful prioritisation of multiple projects and the ability to clearly communicate project requirements/timelines. JD 3 Private & Confidential — Experience of supporting pre-sales activities such as responding to a request for proposal, providing pre-sales consulting and lead generation. — Excellent verbal and written communication skills. — Should be a good team player. — Strong analytical/problem solving skills. — Should come up with innovative and smart ways of working, without compromising on quality. In addition to the above, at all times, Salamanca Group seeks to ensure that our Group Core Values are central to every part of our business. It will be a pre-requisite for the successful candidate to reflect and embody our core values as described below:— — — — — — Client, first and fair Always go the extra mile Esprit de Corps Ambassadors, one and all Integrity Agility & courage We would be delighted to discuss what we at Salamanca Group collectively stand for and what these values mean to us with any candidates interested in this position. Contact Please register your interest or direct enquiries to Salamanca Group HR Manager, Nora Albertini at N.Albertini@salamanca-group.com or telephone +44 20 7495 7070 JD 4