Job Details

Information Security Consultant

Job Posting: 06/03/2019
Travel: Yes, 15 % of the Time
Requistion ID 190001WO


Job Description

Information Security Consultant

Location: Flexible – Home Working
The opportunity: 

As an Information Security Consultant within the Global Assessment Team, reporting to the Information Security Governance, you will  work with local, regional and Group IT functions, IT Service Providers and Zurich business functions to manage Compliance, Information Security and IT Risk to support the Business objectives of the Group. 

Your main focus will be providing subject matter expert consultancy to projects and business initiatives; supporting them in the successful delivery of solutions aligned with company standards and recognised best practice. You will work with our key vendors to assess their IT controls, commitment to their compliance and security obligations, and manage next steps. You will work with our security, compliance, legal, risk and procurement professionals to enforce compliance and escalate issues.

You will have the opportunity to drive process improvement and support the ongoing development of less experienced staff through coaching and knowledge sharing. 

Key Responsibilities:  
  • Assist with complex projects to identify business and technical security requirements, design security controls and test their effectiveness

  • Provide consultancy to major projects and services on effective mitigation of risks, and control implementation

  • Review and support requests for vendor security due diligence assessments

  • Maintain, manage and monitor compliance to the internal control frameworks such as the IT Risk Standards / CITCC, ICF / RMC and regulatory / legal and other obligations / requirements

  • Apply and support IT security, risk and compliance technologies. Provide support of policy / standards exceptions, report status to management and advice on corrective actions

  • Assess operational risks and perform tactical risk assessments within the organization

  • Assist coordination and implementation of appropriate IT governance, metrics collection, and reporting capabilities for vendors and across Group IT

  • Provide consultancy for analysis and identification of broader systemic issues within the organization based on results of security metrics information

  • Provide guidance on implementing IT compliance control objectives and provide/ support gap analysis

  • Track timely closure of identified control gaps and actively support action owners during issue remediation

  • Provide input to improve efficiency and effectiveness of IT Security Governance Services and Group Information Security (GIS) processes

  • Partner with regional stakeholders, e.g Group IT functions, Group Risk Management, Group Compliance, Group Audit and business leaders

  • Requires occasional travel to; Corporate Center (Zurich), the business division headquarters (Schaumburg, Los Angeles, Swindon, etc depending on role location); travel will typically not exceed 5%. 

Your skills and experience: 
  • Bachelor’s Degree or equivalent in Business, Computer Science or a related field

  • Minimum 5 years professional experience including 2+ years IT security / cyber

  • Experience with Security Assessments
  • Strong knowledge of information security concepts and current information sourcing and security trends and practices

  • Knowledge of control frameworks such as NIST, SANS CIS and ISO 2700x

  • Ability to understand and interpret architectural diagrams

  • Experience of implementing and auditing ISMS

  • Experience of assessing Cloud infrastructure

  • Certification such as CISSP, CISM, CISA, ITIL, etc. are preferred

  • Experience with working across business unit and geographical boundaries to engage team members required

  • Strong communication skills
  • Strategic orientation with the ability to act tactically as required

  • Ability to build strong working relationships
  • Ability to work independently
  • Knowledge of GRC automation tools such as RSA/Archer Suite or similar products and tools.  

The Reward:

We offer an excellent lifestyle benefits package which includes –

  • Industry leading Defined Contribution Pension scheme where employer contributions are 12 % of base salary
  • 25 days holiday per year, plus an additional 3 volunteering days
  • Full private medical cover
  • Annual company bonus
  • Company car/car allowance
  • Discounted gym membership
  • Discounted gadget insurance
  • Discounted technology offers
  • Virtual GP appointments
  • Free flu jab
  • Discounted will writing service
  • Home workers allowance
  • Plus many more!
Who we are:

With about 55,000 employees serving customers in more than 170 countries we aspire to become the best global insurer as measured by our shareholders, customers and employees. If you're interested in working in a dynamic and challenging environment for a company that recognises and rewards your creativity, initiatives and contributions - then Zurich could be just the place for you. The success of our business is built on the contributions of our highly talented employees - people who work every day to position us at the forefront of the insurance industry. We therefore look to hire great people and we encourage those people to give their best.


You’ll feel the support of being part of a strong and stable company. A long-standing player in the insurance industry, we make every effort to address the career development needs and plans of our employees to ensure their success in the future.


Further information:


At Zurich, we aim to have a diverse mix of employees that reflects our customers and the communities in which we live and work. Zurich is a workplace that values different opinions, respects personal needs, and provides equal opportunities for all, regardless of age, gender, race, religion, disability, marital status, gender identity, pregnancy/maternity status and sexual orientation.  Our approach ensures that Zurich is a place that values different opinions, respects personal needs, and provides equal opportunities for all. We are committed to continuous improvement and we offer access to a comprehensive range of training and development opportunities. Zurich is passionate about supporting employees to help others by getting involved in volunteering, charitable and community activity through the Zurich Community Trust. 

So make a difference. Be challenged. Be inspired. Be supported, Love what you do. Work for us.