technical concepts and assessment results verbally and in written reports in simple terms; Knowledge of IEC 62443, MITRE ATT&CK for ICS, NIST CSF, NISTSP800-82 and relevant regulations in EU and UK; Interest and ability to write exciting whitepapers and publications ; A supportive and a proactive personality , you know how to More ❯
AlertMedia platform Experience with Conducttr platform Familiarity with Salesforce Shield, Event Monitoring, and encryption features Understanding of business continuity and disaster recovery frameworks (e.g., ISO 22301, NISTSP800-34, FFIEC) Working knowledge of data governance, compliance (e.g., GDPR, HIPAA), and audit readiness Soft Skills: Excellent documentation, communication, and problem-solving skills Please note you must More ❯
license management, quality inspections, and certification processes like FRACAS/CAP and corrective actions. Our architecture emphasizes business process alignment and compliance with cybersecurity standards including NISTSP800-171, CMMC, ITAR . We aim to develop BNN , a generative AI model that provides detailed insights into operational and analytical processes, ensuring compliance with DFARS and More ❯
like FRACAS/CAP and corrective actions. Our architecture emphasizes not only functionality but also aligns with business processes and government policies, including cybersecurity standards like NISTSP800-171, CMMC, and ITAR compliance. We aim to leverage Generative AI models to analyze data, identify knowledge gaps, and maintain operational and regulatory compliance, especially with DFARS More ❯
EBA Guidelines). Has a comprehensive understanding of what it takes to comply with cyber security industry standards and frameworks in practise (e.g. ISO 27001, NIST CSF, SP800-53, NCSC CAF, Cyber Essentials). Has a thorough understanding of cyber security threat and risk with the ability to think like an attacker and design controls More ❯
as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯
3+ years' experience performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). More ❯
day-to-day operations to major transformation projects. Main responsibilities: Leading security assurance, assessments, and advisory for IT and business projects (both Cloud and On-Prem), aligned to NIST800-53 standards. Partnering with security architecture and other teams to define and embed security patterns and controls. Developing non-functional security requirements and guiding their integration … to finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or SABSA. Why QBE? At My Best? At QBE, we want our people to feel rewarded and inspired to perform at More ❯
making across engineering and leadership teams. - Support Compliance and Audit Readiness: Build and maintain solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST800-53, HITRUST, PCI-DSS, and FedRAMP. - Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and … Microsoft Sentinel, Defender XDR, Purview, Entra ID, Azure Policy. - Hands-on experience integrating or piloting AI agents or LLMs in operational workflows. - Knowledge of compliance standards such as NIST, HIPAA, FedRAMP, PCI, SOC2, or HITRUST. - Security certifications such as SC-200, GCSA, or equivalent. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment More ❯
understanding of Operational Technology (OT) environments, with hands-on experience in securing and modernising legacy systems, including DCS, SCADA, and ICS, aligned to NCSC CAF, IEC 62443, and NIST800-82. Direct experience supporting Ofgem regulatory reporting and compliance, including preparation of ISSA returns, evidence packs, and action tracking in line with NIS Regulations and More ❯
Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native … IAM Cloud security concepts, technologies and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required, SECRET desirable) or equivalent in More ❯
client projects: Design and manage comprehensive security programmes tailored to diverse environments, including hybrid IT/OT settings. Deliver projects aligned with industry frameworks and compliance requirements, such as NIST800-53, ISO27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability More ❯
