Document

advertisement
Private & Confidential
Job Specification – Managing Consultant,
Information Security
Salamanca Group
Salamanca Group is a privately owned, Merchant Banking and Operational Risk Management
business. The Group has a global presence with a focus on growth markets and complex
jurisdictions. We have a strong culture of achievement, a strong client-focus and a strong team
spirit. The Group has a distinct and compelling proposition by combining investment, advisory
and trust services with operational risk and project delivery expertise. This combination of
traditional Merchant Banking practices and values with Operational Risk Management expertise
provides us with the ideal platform to truly add value and help our clients meet today’s
challenges and opportunities. The Group currently has seven business units which work in
synergy to enable business, protect assets and grow capital, helping our clients achieve their
personal, corporate and financial goals.
Our Vision
By combining the approach of pioneering merchant banks of the past with a modern day risk
management overlay, we aim to become a global leader in the provision of services that enable
business, protect assets and grow capital.
People will aspire to be associated with our business which will be underpinned by long term,
trusted relationships with our partners, clients and employees.
Salamanca Group – Cyber Security
As part of the Corporate Risk Services business unit, the Cyber Security team provides expert
information security services to corporates, family offices and high net worth individuals across
the globe. We provide cutting edge solutions to identify, mitigate and manage information
security threats 24/7 to ensure confidentiality, integrity and availability of information.
Core services







include:
Managed Security Services
Risk Assessment & Risk Treatment Planning
Information Strategy & Investment Planning
Compliance & Regulation
Vulnerability Assessment & Penetration Testing
Network Security Architecture
Incident Response & Computer Forensics
Salamanca Group believes that people and process should be the first port of call when looking
to improve security posture. We combine our information security expertise with our financial
JD
1
Private & Confidential
expertise to ensure that our clients spend effectively on security and make measurable
advances in risk mitigation.
The Cyber Security team comprises leading and certified experts who use tried and tested
methodologies to support clients. The breadth and depth of the team’s skills ensure that clients
always get leading advice on all aspects of information security when they most need it.
Additionally the close ties with the physical security team ensure a holistic approach to
managing risk.
Managing Consultant, Information Security
Salamanca Group is seeking to recruit a Managing Consultant within the Cyber Security team.
This is a full time, permanent position and the successful applicant will report directly to the
Head of Cyber Security, Rory Innes. The role will be based at our headquarters in Mayfair,
London but the candidate must be able to travel up to 60% annually.
The Managing Consultant will provide information security consultancy to our clients, support
internal information security programmes, drive new revenue and support pre-sales activity.
The candidate will be a highly experienced information security consultant with experience in
developing strategic direction and defining & planning for risk. A broad knowledge of
information security is essential, this must encompass a good understanding of the practical
application of security technology, as well as its theory.
The successful candidate will combine years of consulting experience with deep information
security expertise. Experience of successful information security delivery across a range of
disciplines into small, medium and enterprise organisations is a must.
The successful candidate will be a strong communicator who is comfortable whether presenting
to the C-Suite or talking tech with the IT team. Excellent documentation and presentations skills
a must.
The role involves:



Delivery of information security consulting to Salamanca Group’s clients across a broad
range of disciplines.
Conducting comprehensive information security workshops, assessments, architecture
and investment plans against existing and emerging threat vectors and trends.
Supporting the build and evolution of consultancy tools and frameworks.
Engaging with the Salamanca Group IT team to help drive ongoing internal risk
management activity.
A range of pre-sales activity including RFP response, proposal development, pre-sales
consultancy, presenting to potential clients and solution design/effort estimates.
Creation of customer ready documents and presentations.
Project management of multiple consultancy engagements.
Support in development of cyber security department objectives and strategy.
JD
2




Private & Confidential
Qualifications & Experience
The successful candidate will need to have the following competencies:Required
Certified in information security – CISSP, CISA or CISM.
10+ years working in information security.
5+ years’ experience in information security consulting.
Knowledge and implementation/consulting experience in managing risk and
compliance projects. Solid understanding of best practice control frameworks and
regulatory requirements.
— Good working knowledge of security technologies and IT environments.
— Incident response experience.
— English: Fluent.
—
—
—
—
Preferred
— Degree in Information Technology.
— ISO27001 Lead Implementer qualification.
— PCI QSA.
— GCIH: GIAC Certified Incident Handler
— Experience with family offices or high net worth individuals.
— Experience with maritime cyber security.
— Broad exposure to a range of consultancy disciplines such as GRC, incident response,
security testing, computer forensics, security training, identity & access
management.
— Experience of working with Managed Security Services pre-sales, integration and
solution design.
— Additional languages a bonus.
Key Personal Skills
The successful candidate will need to have the following skills and attributes:— A passionate interest in information security and dedication to continued professional
development.
— Ability to lead successful information security programmes in a range of small
business up to global enterprises.
— Sound knowledge of common technology controls such as SIEM, firewalls, IDS/IPS,
encryption etc.
— Proven ability to lead cross-functional teams and ensure cohesive efforts toward a
shared goal.
— Must have a broad understanding of customer's environments and be able to
intelligently and strategically discuss Salamanca Group’s solutions/service delivery
capabilities as they relate to our security services and client needs.
— Must have skills and knowledge to allow for successful prioritisation of multiple
projects and the ability to clearly communicate project requirements/timelines.
JD
3
Private & Confidential
— Experience of supporting pre-sales activities such as responding to a request for
proposal, providing pre-sales consulting and lead generation.
— Excellent verbal and written communication skills.
— Should be a good team player.
— Strong analytical/problem solving skills.
— Should come up with innovative and smart ways of working, without compromising
on quality.
In addition to the above, at all times, Salamanca Group seeks to ensure that our Group Core
Values are central to every part of our business.
It will be a pre-requisite for the successful candidate to reflect and embody our core values as
described below:—
—
—
—
—
—
Client, first and fair
Always go the extra mile
Esprit de Corps
Ambassadors, one and all
Integrity
Agility & courage
We would be delighted to discuss what we at Salamanca Group collectively stand for and what
these values mean to us with any candidates interested in this position.
Contact
Please register your interest or direct enquiries to Salamanca Group HR Manager, Nora Albertini
at N.Albertini@salamanca-group.com or telephone +44 20 7495 7070
JD
4
Download