Senior Information Security Consultant

All Jobs > Senior Information Security Consultant

The Senior Information Security Consultant is a senior individual contributor role that spans both Cyber Security and Information Security Governance (GRC). The role owns security controls end-to-end and is directly accountable for ISO 27001 and/or SOC 2 audit outcomes, while remaining hands‑on across AWS-hosted environments.

Key Responsibilities

• Own assigned areas of ISO 27001 and/or SOC 2 audits as technical control owner.
• Act as primary technical point of contact for auditors, leading walkthroughs and responding to queries.
• Define, review, and approve technical audit evidence and drive remediation of findings.
• Provide senior hands‑on security expertise across AWS (IAM, logging, monitoring, network security).
• Own or oversee vulnerability management, including prioritisation, remediation, and audit‑ready reporting.
• Provide senior input into SIEM, monitoring, and incident response.
• Oversee endpoint and SaaS security controls (e.g. Microsoft 365).
• Act as a senior technical authority and coach less‑senior team members.

Requirements

• Senior experience in a technical information security role.
• Direct ownership of ISO 27001 and/or SOC 2 audit controls, including auditor interaction and remediation.
• Strong hands‑on experience securing AWS-hosted environments.
• Practical experience with vulnerability management, SIEM, and monitoring.
• Strong judgement and ability to explain technical controls to auditors and engineers.
• SaaS or cloud-native environments.
• Familiarity with NIST CSF or CIS Controls.
• Automation or scripting experience.

#J-18808-Ljbffr…