Information Security Consultant

The information Security and Compliance Consultant responsible to evaluate the level of compliance with Exponential-e & Vysiion.s strategy and its mission, generally accepted operating principles, government & health contracting requirements and applicable rules and regulations; and will participate as a compliance expert, as appropriate, in groups established to support business initiatives or process modifications and oversee coordination of compliance implementation with other departments and business units. He will also be responsible for analysing new and proposed legislation that impacts company operations, products, services, or distribution channels, and initiate appropriate action.,

• Managing a program of implementation or transition, internal and external assessments of exponential-e's conformity with international & government standards; ISO9001, ISO2700 1, ISO22301, Cyber Essentials Plus, Security Controller, HMG Compliance Frameworks,, and CREST Accreditation.


• Device control and analysis; SIEM - Alien Vault, Knownbe4, Data Prevention Loss


• Reporting on the performance of the compliance management system to the Management Team.


• Development Establish or implementation of policies and procedures that are aligned with compliance framework and business requirements.


• Engaging with key stakeholders to ensure ongoing maintenance of the management system in compliance to standards.


• Managing assets under his ownership in accordance with the requirements identified in "Asset Register & Risk Register"


• Scheduling and conducting business management system reviews


• Identifying resources and target dates for the implementation of risk treatment, corrective actions identified in the Continual Improvement Plan ("CIP").


• Maintaining the Legal and regulatory obligations internall and externally


• Conducting and managing Privacy Impact Analysis ({IA), Business Impact Analysis (BIA) and evaluating any associate risks.


• Delivering appropriate compliance training and awareness to new employees/contractors and throughout their engagement with exponential- e in accordance with the Organisation's Training and Awareness requirements.


• Facilitating the performance of risk assessments with risk owners, capturing risk treatment actions selected for implementation to the formal Continual Improvement Plan ("CIP").


• Capturing the justification of acceptance of any risk calculated to be above the acceptance threshold in the "Asset Register & Risk Assessment"


• Monitor & manage internal and external risks such as; Brexit, Covid-19, Russia-Ukraine conflict


• Maintaining a register of all relevant legislative statutory and contractual requirements.


• Ensuring that the correct and current version of documents is available in the Business Management System drive.


• Supporting Sales, Bid and Legal with with compliance due diligence, schedules and contractual agreement.


• Notification to Customers of relevant information security incidents/loss of confidentiality of information.


• Organising and managing IT Health Checks.
  
  Previous experience as a Quality or information security consultant


• Organisation, project management, and planning skills


• Ability to analyse current working practices and provide ideas to improve visibility and efficiencies of compliance management system


• Good knowledge, implementing and maintaining international standards (ISO's, SOC2, Government standards


• Understanding knowledge of audit, education, risk, legal, investigations, ethics, and policy development.


• Ability to think ahead and minimise business risks
  
  Founded in 2002, Exponential-e swiftly established itself as a UK Cloud, Connectivity and Communications pioneer. Throughout our history, a focus upon leveraging leading-edge technology to deliver profitable and innovative services to our clients and prospects has resulted in industry and peer recognition for our ground-breaking approach, a truly world-class ICT services company.


We're a company of innovators who think big and achieve bigger! Our people are crucial to the continuing success of our company. From our CEO to our new Graduates, each of our people demonstrates our PRIDE principles which are at the core of everything we do., Our people are what makes Exponential-e Group the company it is today. This year's employee survey highlighted that 81% of employees who took the survey, would recommend a friend to work for our organisation.

Learning and development are fundamental parts of daily life at Exponential-e. From their first day at the company, everyone is provided ample opportunities to develop their skills and broaden their horizons, with our own L&D team running a range of bespoke courses, based on the latest innovations and challenges across the digital landscape.

Exponential-e Group is committed to providing equal opportunities in employment and treating all employees with respect and dignity. The company respects and values the diversity of its staff, striving to maintain an environment where there is opportunity for everyone to feel valued, their talents to be utilised and for both personal and organisational aspirations to be met. Every employee plays a vital role in helping to create an inclusive working environment by understanding and harnessing difference in a positive way.