consulting, audit or industry/operations Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, ) required Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT More ❯
IT Risk Management within the banking or financial services sector. -In-depth knowledge of ITSA, BIA, EIM, DR, and Cyber Security collaboration. -Strong understanding of regulatory requirements (e.g., FFIEC, ISO 27001, NIST, GDPR, etc.). -Familiarity with IT governance frameworks such as COBIT, ITIL, and risk frameworks like COSO or ISO 31000. -Experience conducting or supporting internal audits More ❯
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
design principles (e.g., threat modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools More ❯
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯
