Oh oh! Awesome! {$ msg.text $} ({$ msg.count $})

Security and Risk Management Consultant

Are you passionate about cyber security? Do you enjoy supporting organizations to develop their cyber resilience? Do you know how to conduct risk assessments and how to bring business and IT together to collaborate on cyber security? We at WithSecure would want to work with you!

We are looking for a Security and Risk Management Consultant to join our Consulting Team in the exciting adventure of improving the information security posture and cyber resilience of our clients.

Key Responsibilities

  • performing risk assessments
  • performing PCI DSS assessments and building PCI DSS programs for clients
  • defining risk mitigation strategies
  • establishing information security governance frameworks
  • advising on security objectives and risk appetite, security strategy and budget
  • developing and maintaining good, long-term relationships with the client and their various stakeholders, including business, IT, product management and software development organisations
  • being an upstanding colleague!

Who are we looking for?

  • you have 3+ years of professional experience within information security with a suitable educational background
  • your current role is probably an information security consultant, CISO, security manager, security architect, information security auditor, or similar
  • you have a track record of successful security and/or risk management experience
  • you are proficient in Finnish and English
  • you are experienced in some of the following fields:
    • ISO/IEC 27001
    • security improvement programs
    • information security frameworks, such as CIS, NIST, PCI DSS and others, including national frameworks
    • legal requirements for information security, such as NIS, GDPR, and national legislation
    • risk assessment and threat modelling
    • cyber maturity assessment and IT audit
    • governance, risk and compliance
    • privacy

Bonus points

  • recognized certifications within risk, security and privacy management, IT management and project management are a plus, but not a requirement. For example CISSP, CISM, ISO27001, CISA and OSCP
  • experience of agile process models and different flavours of software development lifecycles are a plus
  • technical architecture skills (including cloud architecture) are a plus
  • skills to work with roles within software development, such as technical architects, software developers and product management, on their terms

    What will you get from us?

    • 1 to 1 coaching and tutorship sessions led by seasoned and well-respected industry-leading professionals
    • access to our state-of-the-art bespoke training platform
    • classroom-based learning sessions and the opportunity to attend external training courses and security conferences
    • opportunities to push the industry forward through research using our blogs, talks, white papers and by participating at industry events

      As part of the WithSecure Consulting team you will be working with some of the best security people in the world with a wide variety of passions and skills. We've been working years to acquire and retain highly skilled individuals – many of those who have left the team, have later returned after a brief stint elsewhere. If you like helping companies to improve their information security posture and cyber resilience, and challenge conventional wisdom, WithSecure Consulting has got your back.

      Work with great people

      William Jardine
      Managing Consultant
      "The freedom is a big thing for me. The trust you are doing something worthwhile."
      Fairuz Zainor
      Researcher
      "I joined WithSecure (previously F-Secure) straight after graduating and now, 10 years later, I am still happy to be here."
      Kinga Baran
      Program Manager
      "WithSecure gives me a feeling of appreciation for what I do as well as ongoing challenges to grow personally. This sounds like a slogan but it really happens here!"

      Great Place to Work

      • Over 900 amazing colleagues in 18 offices

      • Possibility to protect the world

      • Work with best of class experts who care

      • Relaxed, open and fun working environment

      • 70+ nationalities

      • Global with the spirit of a small company

      About the company

      Purpose – Why we exist
      We are here to build and sustain trust in a digital society
      We are here to build and sustain trust in a digital society — trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.

      Vision – Where we are heading
      No one should experience a serious loss because of a cyber attack
      We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.

      Mission – What we do
      Accelerate transition to outcome-based security
      Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.

      Diversity & Inclusion:

      WithSecure is an equal opportunity employer and believe that employing a diverse workforce is central to our success. We are committed to ensuring all qualified applicants will receive consideration for employment without regard to nationality, colour, race, ethnic or national origin, sex, gender (including gender reassignment), sexual orientation, religion or belief, age, marital status or physical or mental disability.
      We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you!

      Tomasz Godlewski | Contact Person

      I'm interested
      WithSecure

      Multiple locations
      Visit website