Senior Information Security Consultant
The Senior Information Security Consultant is a senior individual contributor role that spans both Cyber Security and Information Security Governance (GRC). The role owns security controls end-to-end and is directly accountable for ISO 27001 and/or SOC 2 audit outcomes, while remaining hands‑on across AWS-hosted environments.
Key Responsibilities
* Own assigned areas of ISO 27001 and/or SOC 2 audits as technical control owner.
* Act as primary technical point of contact for auditors, leading walkthroughs and responding to queries.
* Define, review, and approve technical audit evidence and drive remediation of findings.
* Provide senior hands‑on security expertise across AWS (IAM, logging, monitoring, network security).
* Own or oversee vulnerability management, including prioritisation, remediation, and audit‑ready reporting.
* Provide senior input into SIEM, monitoring, and incident response.
* Oversee endpoint and SaaS security controls (e.g. Microsoft 365).
* Act as a senior technical authority and coach less‑senior team members.
Requirements
* Senior experience in a technical information security role.
* Direct ownership of ISO 27001 and/or SOC 2 audit controls, including auditor interaction and remediation.
* Strong hands‑on experience securing AWS-hosted environments.
* Practical experience with vulnerability management, SIEM, and monitoring.
* Strong judgement and ability to explain technical controls to auditors and engineers.
* Experience in SaaS or cloud-native environments.
* Familiarity with NIST CSF or CIS Controls.
* Automation or scripting experience.