Information Security ConsultantIndustry: Financial/BankingLocation: The Loop, Chicago (60606)Terms: 6 Month Contract (chance of extension) Business Objective:The Information Security Consultant is primarily responsible for safeguarding customer data by ensuring appropriate controls are in place. The Information Security Consultant is accountable to ensure that information security risks within their portfolio are identified, assessed and reported, appropriate controls are in place, and local procedures and activities comply with Information Security (IS) Corporate Policy and Standard, the Information Security Manual (ISM), local standards and regulatory requirements.This individual be joining a team of 11 and the major initiative of assessing 66 (internal) business units. Each IS Consultant will be managing 5 portfolio reviews at a time, and each review takes 8 weeks. This is a high priority project!Job Description:Participates in Information Risk assessments and provides security knowledge to Information Risk Consultants working on the assessment.Prepare Draft Letters of Engagement that describe the information risk assessment process and scope of review.Complete assessments of information assets as assigned using established procedures and under the direction of the Senior Information Risk Consultant.Compile working papers produced as part of the assessment.Document issues identified during the risk assessment; participates in special risk assessments in response to changes to business processes, acquisitions, etc.Prepares reports that summarize results of the information risk assessment to ensure quality and completeness.Contributes to the bank’s overall business results by making recommendations that significantly improve operational efficiency and effectiveness.Skill Set:In depth knowledge of Information Security risk, ITGC Controls, and industry best practices with a minimum of 5 years relevant experienceGeneral understanding of a risk based assessment approach.Working knowledge of the technical areas such as data warehouses, mainframes, networks, applications etc.Working knowledge of Operating Group businessesExpert knowledge of Banking Corporate Policies, Standards, and operating procedures relating to information security riskInformation Security certification is preferred e.g. CISSP, CISSLP, and GIAC etc.