The Information Protection Consultant will oversee the implementation and management of network security processes, have responsibility for protection technologies including data loss prevention and endpoint protection as well as engaging with the business division to manage their information protection requirements.
Support the implementation and management of network security processes such as firewall infrastructure change management, web filtering and network access controls to help ensure policies and standards are effectively applied.
Oversee vendors responsible for configuration and management of information protection technologies including data loss prevention and endpoint protection, and ensure they meet contractually defined Service Level Agreements.
Engage with business divisions to identify and manage their information protection requirements as an input into the development and management of DLP policies.
Provide support to the security operations team and incident management personnel for the investigation and resolution of information protection events in order to ensure that any incidents are managed in a timely and effective manner.
Identify new technologies which can help the organisation and aid in the information protection programme; and review, test and determine true value and practicality of these proposed technologies.
Deliver and maintain an information classification scheme across the organisation to support the discovery, classification, archival / storage, destruction and disposal of information (both physically and electronically) in line with its business value.
Support the deployment of mobile device management solutions including technologies for remote wipe and encryption of mobile devices to help ensure mobile assets are protected
Bachelor's degree (preferred but not essential) or equivalent experience in computer science, IT engineering, or related field
A MSc Information Security or equivalent would be an advantage
Information Security and/or Information Technology industry certification (CISSP, CISM, GIAC or equivalent) strongly preferred
Member of IISP or have the qualification, skills and experience to become a member
Industry certifications for enterprise-level data loss prevention tools preferred such as Symantec CSP in Data Protection, Certified McAfee Security Specialist (CMSS - DLP), Websense Data Security Suite (DSS) Professional etc.
Knowledge of various data protection technologies such as Data Masking, Data Encryption, DLP, Key Management etc.
Knowledge of various endpoint tools and technologies
Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively
Strong interpersonal and communication skills; able to deal effectively with diverse skill sets and personalities, works effectively as a team player
Strong analytical skills
Prior work experience in information security is essential
Prior work experience in information protection
Prior work experience in designing, developing, implementing and managing a data protection or data privacy programme
Proficient in reporting to leadership on programme effectiveness