Job Specifications
Information Security Consultant
Based: Field-based, predominantly in the London area
Type: Full-time
Salary: £70-80k
Eligibility: You must be eligible to work in the UK
As the Smartdesc Information Security Consultant, you will be working with the Information Security team and technical delivery team to deliver security solutions to our customers.
You will work with Smartdesc customers providing strategic Information Security guidance, support and roadmaps, driving continuous improvement in their security posture. This will include identifying and overseeing a variety of security projects, including helping our customers to implement security controls, assessing against industry good practice, creating assessment reports to deliver to Senior Leadership Teams and improving organisations security position.
The role offers a wide range of work, from strategic Information Security governance and risk management to guiding our non-profit customers to get best value from the Microsoft Business Premium, E3 and E5 security offerings. You will also need to be confident presenting security information at all levels, from part time volunteers to boards.
This role will be customer facing requiring a keen eye for detail and proven ability of delivering Information Security good practice.
Key Responsibilities
Identifying steps that organisations need to take to improve their security position and creating roadmaps for continuous improvement, often maximising the use of existing Microsoft licensing and supporting them through the process.
Alignment of good practice frameworks and standards such as Cyber Essentials, NCSC CAF and ISO 27001.
Ownership or oversight of key Information Security processes and procedures.
Implementation and ownership of Information Security Risk Management programmes.
Identifying and managing remediation actions to reduce risks.
Ownership or oversight of Information Security Policies.
Development and Implementation of general and role/function specific Information Security Training and Awareness programmes.
Raising, investigating and managing or supporting IT Security incidents ensuring any necessary follow up actions.
Providing IT security support to business functions including digital teams, IT infrastructure and IT Service Desk.
Development and ownership of the Information Security Internal Audit programmes.
Oversight of rolling programmes of security tests, reviews and audits.
Writing Information Security reports and delivering the findings to key stakeholders
PERSON SPECIFICATION
Previous consulting experience is required, preferably to SMEs, non-profits or educational settings
Knowledge and experience with technology, security and DP related compliance, legal & regulatory frameworks and standards, including Cyber Essentials, ISO27001, PCI DSS, OWASP, GDPR etc.
Knowledge and experience of the Microsoft stack. Purview experience is beneficial.
Ability to demonstrate expert knowledge and understanding of information security good practice.
Experience in working with technical and non-technical business personnel at various levels, articulating security risks in a manner appropriate to the stakeholders.
Strong attention to detail.
Knowledge of Information Security principles and concepts and knowledge of technical security controls.
A positive can-do attitude and a self-starter who can work under their own initiative.
Information Security certifications such as CISSP or CISM are beneficial as are Microsoft certifications especially from the SC series such as the SC-400/401
About Us
Smartdesc is part of the Academia Group, an innovative and rapidly expanding technology company on a mission to transform IT services for large public and private sector customers. We're not just a supplier; we're a trusted partner for thousands of clients.
Our ethos is simple, if we can provide great technology and make it work, we will empower our customers to optimise their investment in technology. Our customers IT success is our business. Building a strong reputation over 20 years as a top-tier provider of IT solutions and services, the company has sustained double-digit growth, with revenues exceeding £150 million in FY24. We have picked up prestigious industry awards along the way, including the highly prized CRN reseller of the year award.
Backed by Strive Capital, which has provided strong financial and strategic support since 2020, Academia is well-equipped to continue expanding into new areas. Our dedicated lifecycle division, launched to meet the growing demand for sustainable IT solutions, reinforces our commitment to reducing environmental impact while supporting the full lifecycle of our technology.
Our culture is built on teamwork, innovation, integrity, ambition, and a commitment to delivering excellent customer service. With ambitious growth plans and a supportive, collaborative environment, Academia is a fantastic place for professionals eager to make an impact. Join us and become
About the Company
Celebrating 22 years of success, Academia the Technology Group is a fast-growing, highly accredited, award-winning international group of tech companies. Specialising in the supply of software, IT hardware, training and service solutions to the public sectors, business and pro media markets. Academia has dedicated relationship Account Managers that specialise in providing the highest level of customer care and support giving you access to Solutions Teams offering knowledge and expertise in Apple, Music & Audio, Pro Video, Se...
Know more