assess application-related risks Facilitate the risk evaluation process , including formatting, data collection, and impact assessments Perform control assessments to determine control effectiveness Use defined risk methodologies (eg FAIR, ISO31000) to rate risks and update internal risk registers Propose, document, and follow through on remediation plans and action items Monitor risk remediation efforts and ensure timely updates … experience in Risk Management and/or Information Security Proven experience conducting application-level security risk assessments Strong understanding of: Secure software and network architecture Risk management frameworks (eg ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) OWASP Top 10, encryption, data classification, and secure data flows Ability to read and interpret HLDs/… environments with cross-functional collaboration Strong attention to detail with advanced analytical and reporting capabilities Preferred Qualifications Industry certifications (eg CISSP, CISM, CRISC ) Experience working with Mitre ATT&CK, ISO 27001 , or similar InfoSec frameworks Exposure to enterprise-grade risk management tools and reporting platforms More ❯
City of London, London, United Kingdom Hybrid / WFH Options
WNTD
assess application-related risks Facilitate the risk evaluation process , including formatting, data collection, and impact assessments Perform control assessments to determine control effectiveness Use defined risk methodologies (eg FAIR, ISO31000) to rate risks and update internal risk registers Propose, document, and follow through on remediation plans and action items Monitor risk remediation efforts and ensure timely updates … experience in Risk Management and/or Information Security Proven experience conducting application-level security risk assessments Strong understanding of: Secure software and network architecture Risk management frameworks (eg ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) OWASP Top 10, encryption, data classification, and secure data flows Ability to read and interpret HLDs/… environments with cross-functional collaboration Strong attention to detail with advanced analytical and reporting capabilities Preferred Qualifications Industry certifications (eg CISSP, CISM, CRISC ) Experience working with Mitre ATT&CK, ISO 27001 , or similar InfoSec frameworks Exposure to enterprise-grade risk management tools and reporting platforms More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Networking People (UK) Limited
assess application-related risks Facilitate the risk evaluation process , including formatting, data collection, and impact assessments Perform control assessments to determine control effectiveness Use defined risk methodologies (eg FAIR, ISO31000) to rate risks and update internal risk registers Propose, document, and follow through on remediation plans and action items Monitor risk remediation efforts and ensure timely updates … experience in Risk Management and/or Information Security Proven experience conducting application-level security risk assessments Strong understanding of: Secure software and network architecture Risk management frameworks (eg ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) OWASP Top 10, encryption, data classification, and secure data flows Ability to read and interpret HLDs/… environments with cross-functional collaboration Strong attention to detail with advanced analytical and reporting capabilities Preferred Qualifications Industry certifications (eg CISSP, CISM, CRISC ) Experience working with Mitre ATT&CK, ISO 27001 , or similar InfoSec frameworks Exposure to enterprise-grade risk management tools and reporting platforms Networking People (UK) is acting as an Employment Business in relation to this vacancy. More ❯
Employment Type: Contract
Rate: £500 - £550 per day + Deemed Inside IR35 via Umbrella
easyJet operates as well as specific relevant regulations and standards such as NIS, GDPR, PCI DSS etc. • Knowledge of topic-specific framework & methodologies in areas such as Risk Management (ISO31000) IT management (e.g. COBIT) Information Security (NIST, ISF, ISO 27001), Service Delivery (e.g. ITIL) etc. What we can offer you Business Area Primary Location More ❯
IT Risk Management within the banking or financial services sector. -In-depth knowledge of ITSA, BIA, EIM, DR, and Cyber Security collaboration. -Strong understanding of regulatory requirements (e.g., FFIEC, ISO 27001, NIST, GDPR, etc.). -Familiarity with IT governance frameworks such as COBIT, ITIL, and risk frameworks like COSO or ISO 31000. -Experience conducting or supporting internal audits More ❯
consulting, audit, or industry/operations) Experience in planning and operating security risk/issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc.) required Experience in service build-up is a plus Security Governance/Risk Management certification More ❯
consulting, audit or industry/operations Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, ) required Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT More ❯
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
design principles (e.g., threat modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools More ❯
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯
400M+ downloads. 75M+ monthly users. A decade of building - and we're still accelerating. Flo is the world's health app on a mission to build a better future for female health. Backed by a $200M investment led by General More ❯
aligned with the RIBA Plan of Work stages. Ability to engage with clients to establish clear security briefs and technology requirements. Understanding of the risk management process aligned to ISO 31000. Ability to manage and prioritise the workload of a project team including the delegation and quality assurance of tasks and deliverables. Experience of security philosophies and strategies such More ❯
