JOB TITLE: INFORMATION SECURITY & IT GOVERNANCE
DEPARTMENT/ UNIT: TECHNOLOGY CONSULTING
JOB GRADE: CONSULTANT
To consult in Technology and Risk Assurance and act as an Information security and training consultant.
DUTIES & RESPONSIBILITIES
A Consultant shall be a respected professional in her/his field who shall consistently apply the firm’s policies and procedures to:
(a) Contribute expertise to client and internal assignments.
(b) Keep abreast of developments in her/his area(s) of expertise so as to retain the position of a recognised specialist.
(c) Develop experience beyond current boundaries for both personal and the firm’s development.
(d) Update her/his CV on a regular basis.
2. EOIs and Proposals
When assigned by her/his Staff Manager, assist in preparing:
(a) Expressions of interest.
(b) The technical component of a proposal as directed by the designated Staff Manager, including conducting any necessary research.
(a) Carry out assignment duties in accordance with the terms of reference and assignment programme.
(b) Carry out assignments employing professional knowledge and innovative solutions to problems encountered
(c) Prepare and submit weekly reports to the Assignment Manager.
(d) Ensure that a soft copy of every document relating to an assignment (whether a Word document, spreadsheet or in another format) is duly filed in that assignment’s file in the Assignment Management System.
(e) Deliver outputs that meets the required professional standards and within the expected time.
(f) Make or participate in presentations to clients as required.
(g) Accept and provide constructive criticism in order to test findings and recommendations and to ensure that the best advice is given and presented through superior quality media, especially in written format.
(h) Work closely with clients to identify needs and identify opportunity to ‘sell on’ other professional services.
(a) Develop materials and facilitate as a trainer on topics of her/his specialisation.
(b) Develop materials and facilitate generally (and at least once every six months) as a trainer and facilitator for the firm’s training programmes, thus gaining exposure to other skills and topics and honing presentational skills.
5. Team Leadership (when assigned to this role)
(a) Hold regular team meetings in order to review progress and ensure exchange of experiences and ideas.
(b) Act as the day-to-day interface between the client and our team.
(c) Encourage, motivate and manage the team on site.
(d) Manage the assignment in accordance with the instructions given by the Assignment Manager and keep her/him informed of progress.
6. Practice Development
(a) Identify opportunities to – or as requested - take the lead in conducting training courses on topics in area(s) of specialisation and participate generally in the firm’s training programmes both internally and for clients.
(b) Monitor and research emerging client needs and market developments in products and services in her/his area of specialisation and recommend new developments and upgrading in which the firm might invest.
(c) When assigned, develop and upgrade products and services in accordance with the approved budget(s).
(a) Account for all time through the Assignment Management System.
(b) Demonstrate respect for and adherence to the firm’s values and culture.
(c) Maintain appropriate confidentiality in all aspects of work.
Reports to Managing Consultant/Associate Partner
Min Required Experience: 5 year(s)
Min Qualification: Bachelor's Degree/HND
- Technical skills in Networking and System Administration
- Vast in the use of information security tools;
- Experienced in penetration tests and vulnerability assessments
- Experienced in risk assessment
- IT security controls and process knowledge
- Hands on experience on GRC
- Ability to work as a member of a multi-discipline professional team working in a multi-cultural environment
- Ability to multi-task and to work under pressure.
- Good analytical skills and an eye for detail.
- Ability to identify issues and value for money solutions that will satisfy clients’ needs in a complex setting.
- Imagination and creativity that can be translated into innovative but practical solutions.
- Experience with Cyber programs within financial institutions
- Excellent communication and presentation skills, ability to communicate technical concepts to non-technical audiences, particularly senior executives
- Experience identifying key threat scenarios, and executing tests of cyber controls.
- Strong technical experience in information security and infrastructure assessments.
- Strong innovative problem solving skills.
- Effective presentation skills and a confident speaker.
- Strong drive and focus, coupled with other listed skills, to be able to convert plans into action and requisite results on time.
- Good oral and written English.
- Able to conduct interviews effectively.
- Able to work on her/his own initiative, i.e. with minimal supervision.
- Bachelors’ degree in Engineering or Computer Science and any other relevant field.
Knowledge & Experience
- 5 - 7 years cognate experience
- Knowledge of current and expected changes in business that will impact on her/his area of specialisation.
- A specialist in her/his area which represents marketable technical experience.
- A track record of progressive achievement and advancement in leading IT Security and Governance assignment.
Must have at least four of the following professional qualifications:
- Networking – CCNA, CCNP
- System Administration – MCTS, etc.
- Project Management - Prince2/PMP
- Penetration Testing – LPT, OCI
- IT Security – CISSP, ISO 27001LA/LI/QSA
- IT Service Management – ISO 20000 Practitioner
- Business Continuity Management – ISO 22301 LA/LI
- IT Governance – COBIT5 Assessor/Implementer, CDPO