City of London, London, United Kingdom Hybrid / WFH Options
WNTD
assess application-related risks. Facilitate the risk evaluation process, including formatting, data collection, and impact assessments. Perform control assessments to determine control effectiveness. Use defined risk methodologies (e.g. FAIR, ISO 31000) to rate risks and update internal risk registers. Propose, document, and follow through on remediation plans and action items. Monitor risk remediation efforts and ensure timely updates … experience in Risk Management and/or Information Security. Proven experience conducting application-level security risk assessments. Strong understanding of: secure software and network architecture; risk management frameworks (e.g. ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR); OWASP Top 10, encryption, data classification, and secure data flows. Ability to read and interpret HLDs/… environments with cross-functional collaboration. Strong attention to detail with advanced analytical and reporting capabilities. Preferred Qualifications: Industry certifications (e.g. CISSP, CISM, CRISC). Experience working with MITRE ATT&CK, ISO 27001, or similar InfoSec frameworks. Exposure to enterprise-grade risk management tools and reporting platforms.
easyJet operates as well as specific relevant regulations and standards such as NIS, GDPR, PCI DSS etc. • Knowledge of topic-specific frameworks & methodologies in areas such as Risk Management (ISO 31000), IT management (e.g. COBIT), Information Security (NIST, ISF, ISO 27001), Service Delivery (e.g. ITIL) etc.
400M+ downloads. 75M+ monthly users. A decade of building - and we're still accelerating. Flo is the world's health app on a mission to build a better future for female health. Backed by a $200M investment led by General
aligned with the RIBA Plan of Work stages. Ability to engage with clients to establish clear security briefs and technology requirements. Understanding of the risk management process aligned to ISO 31000. Ability to manage and prioritise the workload of a project team including the delegation and quality assurance of tasks and deliverables. Experience of security philosophies and strategies such