Security and Risk Management Consultant

Job title:

Security and Risk Management Consultant

Company:

F-Secure

Job description

Job DescriptionWithSecure™ protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information, and everything in-between. The best part about working for WithSecure is our people! We are a community of dedicated and passionate professionals that take workplace happiness seriously. If you’re looking for something that’s more than just a job – we’d love to hear from you.Are you passionate about cyber security? Do you enjoy supporting organizations to develop their cyber resilience? Do you know how to conduct risk assessments and how to bring business and IT together to collaborate on cyber security – or do you understand how OT security posture affects the business? Then you should come work with us at WithSecure!We are looking for a Security and Risk Management Consultant to join our Consulting Team in the exciting adventure of improving the information security posture and cyber resilience of our clients.Working as a Security and Risk Management Consultant is characterized by trust. We strive for long term client-relationships and to be THE trusted information security advisor for our clients. Our vision is to provide the most qualified cyber advisory to our clients, adapted to suit their specific preconditions, so that the client improves their effective security posture, and their risks are mitigated. We help our clients by prioritizing where to focus their budgets to optimize their return on cyber security investments in their quest for cyber resilience.Located in our office in Copenhagen, you will take an active part in our company’s goal to deliver research-driven cyber security to protect organizations, society, and individuals from real-world threats. Our team is a diverse and talented mix of technical and creative experts, dedicated to pushing the boundaries of the industry with innovative thinking. We pride ourselves on fostering an environment rich in fun, collaboration, and continuous learning. Here, you will lead your own development and play a key role in shaping a workplace that you will proudly call home.Key Responsibilities

• performing cyber security gap assessments for clients across a variety of domains, including finance, operational technology (OT), critical infrastructure, and cloud service providers.
• performing PCI DSS assessments and building PCI DSS programs for clients
• defining cyber risk mitigation strategies
• establishing information security governance frameworks
• advising on security objectives and risk appetite, security strategy and budget
• developing and maintaining good, long-term relationships with the client and their stakeholders, including business, IT, product management and software development organizations
• being an upstanding colleague! Supporting other team members (maybe even by mentoring) and enabling us to succeed collectively.

What are we looking for?

• Ideally you have 3-5 years of professional experience within information security with a suitable educational background
• your current role is probably an information security consultant, CISO, security manager, security architect, information security auditor, or similar
• you have a track record of successful security and/or risk management experience
• you are proficient in English
• you are experienced in some of the following fields:

• security improvement programs
• information security frameworks, such as CIS18, NIST CSF, ISO 27001, PCI DSS, ISA/IEC 62443 and others, including national frameworks
• legal requirements for information security, such as NIS, GDPR, and national legislation
• threat modelling
• cyber maturity assessment and IT audit
• governance, risk and compliance
• privacy assessments

Bonus points

• Recognized certifications within risk, security and privacy management, especially PCI QSA, but also CISSP, CISM, ISO27001 Lead Implementor, CISA, or CRISC.
• Previous consulting experience and strong network in industry.
• Experience with agile process models and different flavors of software development lifecycles are a plus
• technical architecture skills (including cloud architecture) are a plus
• software development/SDLC competence and experience from assisting organizations in their journey to shift left as well as practical security engineering experience.
• Understanding and speaking Danish

What will you get from us

• 1 to 1 coaching and mentorship sessions led by seasoned and well-respected industry-leading professionals
• The opportunity to be involved in service development to shape the services we deliver to our clients to be aligned with future market needs
• Access to our state-of-the-art bespoke training platform
• Classroom-based learning sessions and the opportunity to attend external training courses and security conferences
• Opportunities to push the industry forward through research using our blogs, talks, white papers and by participating at industry events

As part of the WithSecure Consulting team you will be working with some of the best security people in the world with a wide variety of passions and skills. We’ve been working years to acquire and retain highly skilled individuals – many of those who have left the team, have later returned after a brief stint elsewhere. If you like helping companies to improve their information security posture and cyber resilience, and challenge conventional wisdom, WithSecure Consulting has got your back.Work with great peopleWilliam JardineManaging Consultant“The freedom is a big thing for me. The trust you are doing something worthwhile.”Fairuz ZainorResearcher“I joined WithSecure (previously F-Secure) straight after graduating and now, 10 years later, I am still happy to be here.”Kinga BaranProgram Manager“WithSecure gives me a feeling of appreciation for what I do as well as ongoing challenges to grow personally. This sounds like a slogan but it really happens here!”Great Place to WorkOver 900 amazing colleagues in 18 officesPossibility to protect the worldWork with best of class experts who careRelaxed, open and fun working environment70+ nationalitiesGlobal with the spirit of a small companyAbout the companyPurpose – Why we exist
We are here to build and sustain trust in a digital society
We are here to build and sustain trust in a digital society – trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.Vision – Where we are heading
No one should experience a serious loss because of a cyber attack
We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.Mission – What we do
Accelerate transition to outcome-based security
Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.Diversity & Inclusion:WithSecure is an equal opportunity employer and believe that employing a diverse workforce is central to our success. We are committed to ensuring all qualified applicants will receive consideration for employment without regard to nationality, colour, race, ethnic or national origin, sex, gender (including gender reassignment), sexual orientation, religion or belief, age, marital status or physical or mental disability.
We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you!

Expected salary

Location

København

Job date

Fri, 01 Nov 2024 01:59:01 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (vacanciesineu.com) you saw this job posting.