7 of 7 Permanent ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in the South East

Person Specification Qualifications Essential ITIL v3 Service Management Qualification Educated to degree level or equivalent Formal certification (ISACA: Certified Information Security Manager (CISM). CISSP, or CRISC) and / or formal training in information security standards and best practice (e.g.: ISO 27001 / 2, COBIT), or equivalent work experience demonstrating understanding of … the same. Experience Essential Extensive experience of developing and delivering an Information Security service to a large complex organisation using confidential and / or sensitive information Desirable IT experience gained in both and Acute and Community setting Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such … any previous criminal convictions. Employer details Employer name Royal Berkshire NHS Foundation Trust Address Royal Berkshire Hospital Princes House, London Road Reading RG1 5UZ Employer's website https: / / www.royalberkshire.nhs.uk / More ❯

policies. Person Specification Qualifications Essential Masters level degree or equivalent experience in a related subject Formal certification (ISACA: Certified Information Security Manager (CISM). CISSP, or CRISC) and / or formal training in information security standards and best practice (e.g.: ISO 27001 / 2, COBIT), or equivalent work experience demonstrating understanding of … any previous criminal convictions. Employer details Employer name Royal Berkshire NHS Foundation Trust Address Royal Berkshire Hospital Princes House, London Road Reading RG1 5AN Employer's website https: / / www.royalberkshire.nhs.uk / More ❯

program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and … / or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats Demonstrated experience in … security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security More ❯

program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and … / or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats Demonstrated experience in … security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security More ❯

threat modelling, risk assessments, and recommend effective security controls following "Secure by Design" principles Develop security documentation, reference architectures, and governance frameworks aligned with NIST, NCSC, and ISO standards Collaborate with stakeholders across all defence lines to ensure regulatory, privacy, and risk compliance Mentor junior consultants and support the growth of the Security Practice through knowledge … KPIs, and compliance measures What you'll bring: Knowledge of frameworks such as NIST CSF, NIST 800-53, and NCSC CAF Strong understanding of networking, cloud security (AWS / Azure), IAM, and vulnerability management Familiarity with ISO 27001 / 27002 and related standards Awareness of modern threats, malware, and security More ❯

Monitor and review technology control effectiveness and follow up on remediation actions Evaluate compliance against internal standards, regulatory expectations and recognised industry frameworks (such as NIST and ISO) Assist with supplier due diligence and third-party technology risk assessments Support elements of the operational resilience programme and technology incident review activity Prepare clear, concise reporting and … teams Naturally inquisitive with the ability to break down detail and provide clear conclusions Comfortable working across several workstreams at once Knowledge of ISO 27002, NIST, PCI DSS, UK GDPR or cloud environments (such as Azure) would be advantageous This role would suit someone who enjoys detail, enjoys engaging with people and wants to More ❯

Monitor and review technology control effectiveness and follow up on remediation actions Evaluate compliance against internal standards, regulatory expectations and recognised industry frameworks (such as NIST and ISO) Assist with supplier due diligence and third-party technology risk assessments Support elements of the operational resilience programme and technology incident review activity Prepare clear, concise reporting and … teams Naturally inquisitive with the ability to break down detail and provide clear conclusions Comfortable working across several workstreams at once Knowledge of ISO 27002, NIST, PCI DSS, UK GDPR or cloud environments (such as Azure) would be advantageous This role would suit someone who enjoys detail, enjoys engaging with people and wants to More ❯