IT Risk Management within the banking or financial services sector. -In-depth knowledge of ITSA, BIA, EIM, DR, and Cyber Security collaboration. -Strong understanding of regulatory requirements (e.g., FFIEC, ISO 27001, NIST, GDPR, etc.). -Familiarity with IT governance frameworks such as COBIT, ITIL, and risk frameworks like COSO or ISO 31000. -Experience conducting or supporting internal audits More ❯
Farnborough, Hampshire, South East, United Kingdom
Damia Group Ltd
to work effectively with cross-functional teams and influence strategic decisions. Qualifications Advanced qualifications or certifications Risk Management, or a related field. Advanced qualifications or certifications (e.g., CRISC, CISA, ISO31000) are highly desirable. Extensive experience in risk management roles within IT, preferably in environments that deal with sensitive or high-security information. Familiarity with industry standards and More ❯
consulting, audit or industry/operations Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, ) required Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT More ❯
start to finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or SABSA. Why QBE? At My Best? At QBE, we want our people to feel rewarded and inspired to perform More ❯
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
design principles (e.g., threat modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools More ❯
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯
