breaches affecting products. Your skillset may include: knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139); an understanding of MOD ISN 23 / 09 Secure by Design; knowledge of security frameworks, such as ISO … /IEC 27001, NIST 800-30, NIST 800-53 or OWASP; working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005/ 31000, NIST 800-30, NIST 800-53). If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further.
meeting multiple standards for compliance (including NIS-R, ISO 27001 and SEMD) and incorporating cyber, physical and personnel security risks. Developing and implementing a Risk Management framework / model and guiding the selection of appropriate GRC tools. Planning and delivering a regular Security Risk Management Group (SRMG) function. Developing a framework, processes and tooling, and leading the … providing written and verbal briefs to senior leaders, Working Groups and the board. Actively developing the Security Risk Management knowledge and skills of Information Security colleagues and other YTL / WWSL colleagues when appropriate. Regularly seeking to refine the measurement, assessment and management of risk: includes improved deterministic risk assessment techniques and adoption of probabilistic assessment approaches (such as … Monte Carlo modelling techniques). What you'll need: Significant experience in Security Risk Management in Government organisations, National Infrastructure and / or Critical National Infrastructure organisations or similar enterprises. Experience implementing Risk Management in large organisations. Experience in evaluating and managing third-party security risk. Experience of working to achieve and maintain compliance with the requirements of regulatory