5 of 5 ISO/IEC 27001 Jobs in Guildford

The Information Security Director develops, shapes, and maintains Sycurio's information security capability, driving the attainment and maintenance of the ISO27001, PCI-DSS, and SOC2 compliance. They are the subject matter expert on all things regarding security and compliance, owning the information risk management processes. They are the thought leader on all matters within the security and compliance domain such … the information security strategy to relevant parties and providing assurance of policies, procedures, and systems. Develop, maintain, and expand the information security management system ('ISMS') to optimise compliance for ISO27001, PCI-DSS, and SOC2. Identify gaps in the information security capability, both technical and operational, and propose remediation and mitigation plans and solutions. Responsible for the Company's information security … degree in Computer Science, Cybersecurity, or related field (Master's preferred). Industry certifications such as CISSP, CISM, CISA, or equivalent. Experience: 10+ years of information security experience. Financial / Fintech services / payments desirable. Deep knowledge of security frameworks (PCI, ISO 27001, NIST) and regulations (GDPR, CCPA). Experience with PCI DSS compliance More ❯

and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving … to work every day. And you'll never stop growing, whatever your level . Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers More ❯

with the latest security trends, threats, and technology solutions. Ensure compliance with relevant laws, regulations, and industry standards. Prepare and present security reports to senior management. Skills Preferred Skills / Requirements Ideally around 5 years of experience in cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, ITIL, NIST). … Experience with security tools and technologies (e.g., firewalls, IDS / IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Experience with cloud and internet security. Familiarity with regulatory requirements (e.g., GDPR, HIPAA). Qualifications / training desirable but not essential. More ❯

with the latest security trends, threats, and technology solutions. Ensure compliance with relevant laws, regulations, and industry standards. Prepare and present security reports to senior management. Skills Preferred Skills / Requirements Ideally around 5 years of experience in cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, ITIL, NIST). … Experience with security tools and technologies (e.g., firewalls, IDS / IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Experience with cloud and internet security. Familiarity with regulatory requirements (e.g., GDPR, HIPAA). Qualifications / training desirable but not essential. More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯