Southampton, Hampshire, United Kingdom Hybrid / WFH Options
NICE
all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness … standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates … sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling More ❯
email, calls, support tickets) Contextual Understanding: Understand the customer's business context and how their compliance questions relate to their use of our products / services or their broader GRC strategy Information Dissemination: Clearly articulate complex compliance concepts to both technical and non-technical customer stakeholders Relationship Building: Build … and Annex A controls accurately Strong familiarity and understanding of ISO42001 (Artificial Intelligence Management Systems) and its core principles / requirements. Must be able to discuss its objectives and key components Exceptional communication skills (written and verbal), with a proven ability to explain complex … a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences. Resume / CV Resume / CV Attach File types: pdf, doc, docx, txt, rtf File size: max 2MB Cover Letter Attach File types: pdf, doc More ❯
and existing applications, ensuring that all potential attack vectors are identified and mitigated. Develop and maintain security automation scripts and tools, such as SAST / DAST, to detect and respond to threats; automate security monitoring and alerting using Splunk, ELK, or Chronicle; develop security-as-code practices using Terraform … Ansible, or Kubernetes security policies. Harden and secure AWS / Azure / GCP, endpoint, and IAM environments and enforce cloud security best practices. Perform offensive activities and proactively hunt for vulnerabilities. Participate in the incident response process, providing technical expertise to manage and resolve security incidents; contribute to … are up-to-date and effective. ️ Is This You? CISSP, CISA, or CISM certification is strongly recommended, but not required. ISO 27001 / 27701 /42001, SOC-2, PCI DSS, and GDPR knowledge, experience, and qualifications are highly desirable. At least 5 years of More ❯
why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work / Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why … frameworks such as ISO 27001, ISO42001, NIST 800-53, NIST 600-1 or PCI-DSS. Experience and / or certification in AWS products and services. Experience in threat modeling, secure coding, identity management and authentication, cryptography, Responsible AI and hands-on technical More ❯
