Establish a cybersecurity risk management program designed to identify, report, and respond to cyber security risks in accordance with industry standards and frameworks, (NIST Cybersecurity Framework, NIST800-37, ISO/IEC 27001) and regulations (SOX, GDPR, HIPAA) Own and drive requirements for cybersecurity … years experience in cybersecurity risk management Solid understanding of cybersecurity policies, standards, and controls Experience and solid understanding of industry standards (NIST Cybersecurity Framework, NIST RMF and ISO/IEC 27001 etc.), and regulatory standards such as (HIPAA, SOX, GDPR, SOC2, PCI etc.) Experience with control … testing and validation (e.g. NIST800-53 etc.) Experience developing cybersecurity metrics and reporting involving various areas and stakeholders Experience with implementing risk management processes, risk register within enterprise GRC management platforms (e.g., ServiceNow, OneTrust) Ability to think strategically, innovatively, and execute effectively Proven experience in more »
with ticketing systems (ex. Remedy, Service Now) to assess information security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NISTSP800-53, Cybersecurity Framework, etc.). to identify cybersecurity and privacy issues that stem from connections with internal and external About you: Degree more »
role holder will have detailed working knowledge of the European/Global regulatory environment governing cybersecurity together with a deep understanding of ISO27001, NIST-SP800, NIS-2, IEC62443, EN50600 and other common standards, CISSP, CISM and/or CISA certifications would be beneficial but equivalent experience or demonstratable more »
GRC tools and guidance developed for Risk mitigation.Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST800-32KPI/KRIStrong knowledge of cyber controls, policies, and procedures.Experience of delivering metrics for senior level audiences.Demonstrate analytical and problem more »
City Of London, England, United Kingdom Hybrid / WFH Options
Mimecast
and possible targets What You'll Bring: Experience with the examination or implementation of technical controls, such as SOC 2, ISO, TISAX or NIST800-53 Excellent verbal and written communication skills Has demonstrable skill working with internal and external stakeholders Experience engaging with external auditing more »
Office (Word, Excel, PowerPoint, SharePoint) (Required) Experience in multinational companies (Required) Strong knowledge of Risk management (Required) Working knowledge of Risk management frameworks (NIST 800.X, ISO 3100X (Preferred) Working Knowledge of Change/Delivery methods and associated controls from conception to realisation (e.g. MoP, MSP, PRINCE2, MoR etc. more »