2 of 2 ISO/IEC 27005 Jobs in the South East

Cyber Essentials Plus, ISO 27001, DSPT and GDPR. Responsibilities Conduct risk assessments for systems, projects and third parties; document findings and remediation. Review and respond to supplier / security questionnaires and tender submissions. Support vulnerability and patch management; interpret scans and prioritise fixes. Advise IT teams on alerts, incidents and security configuration (M365 / Azure / Defender / DLP / Conditional Access). Maintain risk register and track remediation actions from audits or incidents. Support compliance activities (ISO 27001, Cyber Essentials Plus, DSPT) and contribute to policy updates. Provide clear security advice to projects and senior stakeholders. What you'll need to succeed Proven experience in information security, with a blend … M365, Defender suite, DLP, Conditional Access). Skilled in evaluating supplier security through questionnaires, procurement documents, and assurance reviews. Knowledgeable in risk management practices and frameworks such as ISO 27005 and NIST RMF. Familiar with key compliance standards including ISO 27001, Cyber Essentials Plus, DSPT, and GDPR. Capable of interpreting vulnerability assessments and advising More ❯

by Design risk and security assurance function within MOD as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate security and risk workshops with … the various Authority departments, to align with wider customer transformational Security and risk management outcomes. Provide accurate and pragmatic remediation / risk management guidance / advice in balance with Business objectives and risk appetites. Have an understanding of risk assessment in an agile delivery environment. Exceptional team working ethic and interpersonal skills. Have a good understanding of modern … IT technologies and services, such as Cloud Computing, AI (ISO42001), Mobile Computing, IT Security, Infrastructure technologies, Zero Trust, Data at Rest / In Transit Cryptography, Cross Domain Solutions and demonstrate an understanding of security architecture both physical and cloud (be able to read and understand HLDs / LLDs). Strong working knowledge of : Security Assurance Coordinator or Delivery More ❯