GRC Analyst (InfoSec ISO27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC … aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO27001/ 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement … although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO27001/ 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have more »
Support Specialist will do... Implement, maintain, and continuously improve, the Integrated Management System (IMS) in accordance with the requirements of the relevant standards (ISO 9001, ISO 14001, ISO 22301, ISO27001, and ISO 45001) and business needs. Take … conjunction with the direction given by the Managing Director. Assist the Head of IT through delivery of the IMS management programme to maintain ISO27001 accreditation in Information Systems. Assist in the identification and development of improvements to the business through the IMS, providing support to … applications from applicants currently living in Northern Ireland. Desirable Training qualification in Internal Auditing of an ISO Standard. Knowledge of the construction / fit out industry Knowledge of ISO’s particularly ISO 9001, ISO 14001 and ISO 45001. Awareness more »
identify and implement process improvements to enhance service delivery efficiency and effectiveness. Ensure compliance with IT security and compliance standards, including ISO/IEC27001 and GDPR, by implementing and maintaining appropriate controls and procedures. Lead service reviews with clients to assess performance … management, with a strong understanding of ITIL principles and best practices. In-depth knowledge of IT security and compliance standards, including ISO/IEC27001 and GDPR. Experience developing, managing, and negotiating SLAs and KPIs to monitor service performance. Excellent communication skills, both more »
Reading, England, United Kingdom Hybrid / WFH Options
Vallum Associates
security, (people, process, electronic, data, physical) in Spring Fibre. • You will be a subject matter expert and provide security guidance and recommendations to technology / business teams and contribute to Spring’s security policies, standards, and guidelines related to information and Network security. • This is a technical role and … to understand the architecture, data flow and security controls in their systems. • Conduct periodic security compliance assessments and ISO27001/ 2 reviews of BAU IT applications, infrastructures & ISMS. • Review the security posture of potential M&A acquisition targets. Requirement • Mapping long term business requirements … BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate management, PCI DSS and DPA compliance and ISO27001/ 2. • Analysing network security controls, including firewall and router security configuration. Preferred • Delivering the security review processes and frameworks, with full audit trail. • Managing more »
Cardiff, South Glamorgan, Wales, United Kingdom Hybrid / WFH Options
Circle Group
Cyber Security Engineer - Cardiff A leading firm in Cardiff requires a Cyber Security Engineer with good experience in cyber security / IT security. This role can be hybrid working, with 3 days in the office, and the rest working from home. You will join a Cyber Security Operations (SecOps … + Benefits + Some home working. To apply press apply now or send your CV to matthew.leach @ circlerecruitment.com Keywords: IT Security / Cyber Security /ISO27001/ Networking / Patching / Systems / Cardiff Circle Recruitment is acting as more »
X3 Cyber Security Operations Managers - SOC - URGENT - Security - Offices Based In Reading / Oxford and Woking / Thames Valley🌳🌳🌳 Areti Group has exclusively partnered with a rapidly growing tech company who are actively seeking x3 Senior Cyber Security Operations Managers These roles are very urgent. Incredibly exciting opportunity … security, email security, network security tools, SIEM and SOAR etc, and be able to optimise such tools. • Must have a have experience in Vulnerability / Threat management including threat intelligence and threat hunting. • Must have good written and oral communication skills, including incident reporting and stakeholder management. • Must have … and knowledge. • Security related certifications are desirable, particularly blue team certs such as SANS / GIAC. • Understanding of cyber security standards and frameworks (ISO27001, NIST, SANS, OWASP etc) 🌳🌳🌳PLEASE FOLLOW Areti Group 🌳🌳🌳 All the latest jobs and insights – Climate positive tech recruitment | We’re on a mission to put more »
security framework, including: Security Architecture policies, principles, and standards for application across the organisation. Alignment to industry standards and regulation e.g. ISO/IEC27001/ 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be more »
security framework, including: Security Architecture policies, principles, and standards for application across the organisation. Alignment to industry standards and regulation e.g. ISO/IEC27001/ 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be more »
enforcement of Swissport information security strategy, policy, standards, controls and processes. ▪ Drive the investigation of compromised accounts and MCAS alerts. ▪ Investigate on L3 requests / tickets. ▪ Manage EDR: fine-tune detection rules, monitor and add exclusions where required, investigate open cases, perform incident response. ▪ Identify threats and conduct risk … a combination of different areas, such as: network security, email gateway security, cloud security, vulnerability Global Job Description Template Job Description management, security architecture / design / engineering (in addition to the degree or previous qualifying work experience) • Function / Market & Industry Knowledge / Business Acumen … / Process working o Understanding and knowledge of, at least, one information security management frameworks, such as ISO/IEC27001, COBIT and NIST; awareness and understanding of compliance and data protection regulations, such as GDPR o Understanding of firewalls, proxies, SIEM more »
Information Security Officer Hours : part-time, 3 days per week Company : Growing Software Vendor Why : Support the build & maintenance ISO27001 and other policies Location : Greater Reading area office (hybrid, 1 day in the office initially then as and when needed) Do you have 3+ years' experience in a commercial compliance … or information security role? Have you been part of maintenance of ISO27001 policies and procedures? Are you a collaborative person that enjoys making a difference? The company are a leading software vendor, experiencing huge growth and with a reputation for being a market leader. They are looking for an experienced … to support the build and completion of ISO27001. You will work closely with C-suite level stakeholders and teams to build and maintain all ISO27001 processes and policies. Once this has been submitted, you will build and support compliance and security initiatives for the business. Responsibilities include: Information Security Officer more »
desire to grow and develop the functions of the role. Roles and Responsibilities You will be expected to manage & own elements of Technical Publications / Authoring work / tasks and conform to challenging project timelines. Liaise with product suppliers to compile data and information and translate to a … variety of national / international / civil / military specifications, and produce physical / electronic deliverables reflecting quality processes to a high standard of written and technical English compliant with Def Stans and JSPs. Commission, coordinate or prepare illustrations and occasionally technical training packages as required … the business and align your colleagues to this activity Focus on continuous improvement - working with the engineering and production leadership teams to improve efficiency / quality during build. Experience Previous experience as a Technical Author or similar within an engineering function, preferably within the defence industry Extracting information from more »
function with a Security Operations team. Detailed knowledge of forensic tools, techniques, and methods. Experience of working with security frameworks (e.g. ISO/IEC27001, PCI DSS, Cyber Essentials, etc.) and incident management best practice (e.g. NIST, NCSC, etc.). Salary / … least two days a week) and an attractive pension scheme (up to 21% employer contributions). The closing date for applications is on 12 / 04 / 2024. Hays Technology have been retained by The University of Manchester to manage the recruitment of this role. For all enquiries more »
Manchester, Greater Manchester, United Kingdom Hybrid / WFH Options
Coalfire
Manchester, UKAssessment Services – AppDev / Finance / B2B / Regular Full Time / RemoteAbout CoalfireCoalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and … against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform audit / assessments, and develop reports for clients. You will also provide quality control and peer review to other members of the delivery staff. This role … integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices.What You'll DoLead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities more »
Senior Security Engineer (IT / OT) Reading - ideally hybrid, however a degree of flexibility may be available for those based further afield. Salary - negotiable + 15% bonus scheme & benefits package My client, a leading global manufacturer based in Reading are actively recruiting for an experienced security engineer to join … related projects. Experience 5-10 years' work experience in IT Security engineering. Knowledge of common information technology management frameworks such as ISO/IEC27001, ITIL, COBIT, and NIST. Strong knowledge of network security, operating systems, databases, web applications, and cloud computing. Strong … understanding of security technologies, such as firewalls, intrusion detection / prevention systems, SIEM, antivirus, and data loss prevention. Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing. Proven experience as an IT Security Engineer with exposure to OT security - Claroty For more details, please reach more »
keeping track of risks and recommendations based on the vendor’s lack of control Co-ordinating and performing vendor reviews Your Profile Key skills / knowledge / experience: Knowledge of Cloud-based technologies such as IaaS and Saas solutions, emphasizing information security control and data protection requirements Comprehension … in leading a team ISO27001, NIST 800-53 experience to help in third party security risk assessment efforts Experience / Knowledge of working on GRC tool’s Strong communication skills for interactions with clients and or suppliers, this includes working with multiple business, service … including audit, vulnerability scanning, and security policy and standards review, emphasizing managing IT security policies and standards ISO27001 LA / LI, CySA+ certification CISSP, CISM or CISA certification preferred Knowledge of SaaS or PaaS is preferred Rewards & Benefits TCS is consistently voted a Top more »
outsourcing, managed services, cloud computing, asset management, cryptographic keys and certificate management, PCI DSS and DPA compliance, and ISO27001/ 2. Analysing network security controls, including firewall and router security configuration; Preferred: Delivering the security review processes and frameworks with a full audit trail. … developing new technology, including developing any needed processes. Aligning business requirements to complex security architecture frameworks. Skills Required: In-depth knowledge of: Firewall: Juniper / Cisco / Palo Alto. Onion Security, Splunk, Suricata, Kali. Application Security. Identity and Access Management. Data Protection Endpoint Security. Cyber Security Operations. Experienced … with Threat Modelling. Pen testing and basic incident response. Scripting languages ( python, or PowerShell / building dashboards / automating common tasks) Preferred : Experience in designing systems against a zero-trust architecture. Experience with designing SOC architectures (i.e. SIEM, SOAR and vulnerability management solutions). Expert-level certification in more »
all Stakeholders in order to assess the suitability and resilience of our Key Suppliers. Contribute to the monitoring of an effective Business Continuity Plan / Disaster recovery plan by working with Stakeholders to update the plan and to ensure the plan is tested at least annually. Contribute to the … Required for the Role A strong quality management background obtained from significant and relevant experience in a similar role. Competence and experience in implementing / assessing / monitoring ISO management standards, ISO 9001:2015 and or ISO 27001. Experience in auditing and … to deal with conflicting demands ensuring key priorities and deadlines are met through effective time-management. Excellent knowledge of computerised systems e.g. Microsoft Office / Windows applications. Excellent written and verbal communication skills, and the ability to influence the behaviour of colleagues at all levels in the Business. The more »
organization and promoting awareness and policy implementationHorizon scanning – analysis and advisory for changes in the cyber landscape, legislation, industry, standards (i.e updates to NIST /ISO etc) that may impact internal Standards / Governance / decision makingWork closely with other cybersecurity teams to understand threat … Head of Cyber Governance and Standards in various capacities as neededYour skills and experiences: Essential:Robust knowledge of relevant standards and regulations (e.g., ISO27001, NIST)Ability to collaborate with cross-functional teamsAnalytical and problem-solving skillsPrevious experience working in large and complex organisationsAbility to produce more »
and promoting awareness and policy implementation Horizon scanning - analysis and advisory for changes in the cyber landscape, legislation, industry, standards (i.e updates to NIST /ISO etc) that may impact internal Standards / Governance / decision making Work closely with other cybersecurity teams to understand … of Cyber Governance and Standards in various capacities as needed Your skills and experiences: Essential: Robust knowledge of relevant standards and regulations (e.g., ISO27001, NIST) Ability to collaborate with cross-functional teams Analytical and problem-solving skills Previous experience working in large and complex organisations more »
Newcastle Upon Tyne, England, United Kingdom Hybrid / WFH Options
TrueNorth®
Network & Security Engineer Location: Newcastle Upon Tyne Salary: £70,000 - £90,000 Work Type: Hybrid (2 / 3 days) The Company We are working with a highly audited insurance business that has recently grown significantly in the past year. This opportunity is for a hands-on lead Network operations … fundamentals – LAN / WAN, routing / switching Treat Analytics – Microsoft ATA / Defender & Mimecast Understanding of Cyber frameworks -NIST /ISO27001/ PCI – DSS Experience with network audit’s Benefits 27 days annual leave, hybrid working, excellent pension and more If this role sounds interesting more »
OT estate. What You'll Bring: The individual should be educated to degree level in a relevant discipline and must be one of CISM / CISSP / CISA / TOGAF / CRISC. Must have 5 years’ cyber security experience. Must have proven expertise in Compliance Management … the NCSC Cyber Assessment Framework. Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO27001, ISO27005, IEC62443 etc. Excellent command of written English. Strong interpersonal and relationship building skills. Role will require Security Clearance This is more »
Lead the audit / assessment of operations controls and processes against the required internal and industry standards, including but not limited to COBIT, ISO27001, NIST, PCI-DSS, Cyber Resilience Framework Develop a test strategy and produce control test plans to test the design and operational effectiveness of controls, ensuring … and deficiencies, risk exposures and adjustments to the operations risk profile to senior management and Second & Third Line of Defence, as appropriate Support control / action owners in the design of remediation action plans for identified control deficiencies Assist in establishing inherent risk ratings, control rating, and residual risk … interested in joining us at AXA, please don't hesitate to apply. About you What we’re looking for: Previous controls governance and assurance / audit experience in a large organisation Strong understanding of operational risk, control concepts and frameworks Excellent stakeholder management skills Good knowledge of industry best more »
Leading the business to deliver frequent risk assessments for approval by supported business functions and the Control & Cyber Strategy Manager, ensuring registers are maintained / amended as required. Leading and managing a team of Operational Technology Cyber risk specialists who will conduct risk assessments of NIS Critical systems. Ensuring … to report on risk posture, metrics, mitigation strategies and investment priorities. Experience Demonstrable experience utilising risk assessment methodologies (e.g., NIST 800-30, ISO27005, IEC 62443, FAIR). Demonstrable experience working with industry best practices and security control frameworks (e.g., NIST 800 53, ISO27001 … across the business. Confidence to challenge, take ownership of complex challenges, lead risk assessments, agree and build future improvement plans. Moderate understanding of ICS / SCADA (e.g., IEC 62443 framework). Understanding of UK Network & Information Systems (NIS) Regulations desirable. Communicating complex messages both orally & in writing more »
Stevenage, Hertfordshire, United Kingdom Hybrid / WFH Options
Robert Walters
Platform, Azure) Microsoft Enterprise Mobility and Security + Wider Security & Compliance experience Microsoft Azure Microsoft 365 design and deployments Office 365 product suite (SharePoint / OneDrive / Exchange / Teams) Intune Product family (SCCM, Intune, MDT, MDM, Autopilot) Mobility / BYO devices and services such as … of third-party delivery agencies to scope, refine, and produce deliverables. Gathering and managing non-functional requirements for infrastructure and technical services Business Continuity / Disaster Recovery Designing secure technical solutions - networks, storage, cloud (Microsoft Azure), Servers and third-party data centres Implementing security solutions that are compliant to … DPA / GDPR, cyber essentials, ISO27001 within large enterprises. The permanent opportunity for a Technical Architect will pay a salary range of £60,000 to £75,000 plus car cash allowance and bonus with a hybrid working model. This is an opportunity to join more »