2 of 2 ISO 31000 Jobs in Somerset

you will be responsible for: Devising and implementing a strategy for Security Risk Management across our OT, IT and Digital estates, meeting multiple standards for compliance (including NIS-R, ISO 27001 and SEMD) and incorporating cyber, physical and personnel security risks. Developing and implementing a Risk Management framework/model and guiding the selection of appropriate GRC tools. Planning … Ability to work independently and act as the primary subject-matter expert on security risk management within WWSL and YTL Group. A thorough understanding of risk management requirements within ISO 27001 and NIS-R is essential, with a good working knowledge of other security standards and frameworks such as NIST, JSP 440 and Cyber Essentials. Working knowledge of ISO 31000 & ISO 27005 is an advantage. Current on the latest technology and security concepts, trends and issues. A highly effective written and verbal communicator at all levels, able to communicate our risks and WWSL's security risk management vision with passion and clarity to any audience. Adept at translating complex technical or security concepts into clear and More ❯

including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯