1 to 25 of 33 Permanent Information Security Specialist Jobs

As a Senior Control Assurance Assessor, you'll test security controls both on-premise and in the cloud to ensure design implementation, safeguarding Experian's assets. You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager. Identifying gaps, documenting findings, and recommending improvements to mitigate risks … are important responsibilities. Using data-driven testing techniques and a defined methodology, you'll collaborate to ensure controls meet current risks and regulatory requirements. Primary Responsibilities Conduct security control assessments, using documented control activities (where they exist) and regulatory requirements. Develop test plans, test cases, and procedures, applying data from security tools to capture evidence. Use queries and … Contribute lessons learned by integrating partner feedback to improve the control testing program. About Experian About us, but we'll be brief Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses, and society. Experian is a global data and technology company, powering opportunities for people and More ❯

needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security. Job Title: Information Security Systems Engineer Job Code: 24133 Job Location: Huntsville, AL Job Schedule: 9/80 Job Description: Applies current systems security engineering methods, practices and technologies to … the architecture, design, development, evaluation and integration of systems and networks to maintain system security. Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization … or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products. Uses methods such as encryption technology, vulnerability analysis and security management. Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment. More ❯

OVERVIEW The Information System Security Engineer II and III is responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness and familiarity to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a … Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process. Must have active Secret clearance and be a US Citizen. The Information System Security Engineer II and III: Support all aspects of Program Information Assurance (IA) activities across the Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) lifecycle. Apply knowledge and experience … in cybersecurity, engineering, Test & Evaluation (T&E), and/or Security Control Assessment (SCA) roles. Demonstrate working knowledge of the Risk Management Framework (RMF) and/or prior experience with Defense Information Assurance Certification and Accreditation Process (DIACAP). Interpret and apply relevant security policies and guidance documents to support the development and maintenance of IA artifacts More ❯

with one heart, one mind, and one purpose, we can accomplish our mission and be an organization anyone would be proud to be a part of. POSITION SUMMARY The Information Security Specialist is vital in safeguarding the confidentiality, integrity, and availability of systems and data within the Distributed Common Ground System (DCGS) and the STATEFARM programs. This … cybersecurity postures, implementing RMF controls, responding to vulnerabilities, and supporting continuous monitoring initiatives. Working closely with the Zero Trust Architect, DevSecOps engineers, system administrators, and government cybersecurity personnel, the specialist will manage system security controls, support developing and reviewing System Security Plans (SSPs), and assist with Security Analysis Reports. The specialist monitors network and user … while addressing emerging threats and maintaining system resiliency. ESSENTIAL JOB FUNCTIONS Evaluate, implement, and maintain cybersecurity frameworks following the DoD Risk Management Framework (RMF). Develop and update System Security Plans (SSPs), Security Analysis Reports, and associated RMF documentation for DCGS and STATEFARM systems. Design and enforce access control policies, user authentication procedures, and network monitoring protocols. Conduct More ❯

retain. At MAG, we look for individuals who thrive in a high-performance environment where challenges are the norm and success is expected. We are looking for a Jr Information System Officer (ISO) to join our team to support the Navy Cyber Warfare DevGru (NCWDG). Your role would be to provide Cybersecurity support as an Information Systems … Officer (ISO) ensuring the confidentiality, integrity, availability, authentication, and non-repudiation of information systems operating in a classified environment. Must be a US Citizen Requires a current Top Secret security clearance. A CI Polygraph will be required within 6 months. Essential Duties and Responsibilities Essential Duties and Responsibilities include the following. Other duties may be assigned. Monitor the … Command's information systems. Ensure that all servers, switches, routers, crypto, fiber connections, attached leased circuits and distant end hardware are all fully secure and following proper operations through security scans and implementation of security controls as directed, Monitor user accounts ensuring correct permissions are assigned for level of access. Validate in hold accounts of detaching personnel More ❯

Information Security Specialist (Information Security and Cyber Security) Hybrid working: 3 days per week in the office. The Information Security Specialist will play a pivotal role in shaping my clients cyber resilience strategy. The role involves providing expert guidance to stakeholders on information security matters, managing technical cybersecurity tools … and operations, and overseeing compliance with regulatory standards. It will lead the development and execution of the cyber and information security strategy, ensuring alignment with ISO 27001, GDPR and Cyber Essentials. The ideal candidate will have strong information security experience alongside hands-on technical knowledge of SIEM, EDR, vulnerability management, and incident response. Responsibilities: - Serve as … a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. - Support business units with risk-based security input for projects, client bids, and technology initiatives. - Manage cybersecurity tooling including SIEM, EDR, and mail filtering systems to ensure effective threat detection and response. - Monitor, investigate, and respond to alerts and incidents More ❯

Information Security & Risk Specialist (ISO 27001:2022) - Energy Location: Brussels Hybrid: 2 days a week My client is looking for an Information Security Specialist to join the team in Brussels. The successful candidate will have the opportunity to work in a hybrid model, allowing for a blend of remote and in-office work to … support a good work-life balance. You will work within the Service Delivery team. You will be managing all security related activities for the software development and service coordination in scope of the business. This role will expand in the future into further business areas with a long-term security impact beyond. Responsibilities and tasks Maintain and continuously … improve the specific security policies. Ensure security integration into the Software Development Lifecycle (SSDLC) by collaborating with product owners to implement security best practices. Lead and follow up on non-functional security testing (code scanning, penetration testing, threat modelling) and the yearly security auditing campaign, ensuring follow-up as part of the risk management process. More ❯

improve the well-being of all by taking life science further and combine our attention to detail with the extraordinary, because it all matters. The opportunity Reporting to the Information Security Officer you will contribute to the efficiency, capability and profitability of the business by gathering, analysing and recommending changes to processes/systems within BUs, across multiple … Internal Audit team on the development, implementation and operation of ITGCs Supporting the implementation of ISO27001 controls and perform regular control audits to monitor compliance Developing and managing a security risk framework, aligning with the enterprise risk management approach Coordinating the performance of regular business impact assessments (BIAs) and the recording of results and updates Contributing to the design … and implementation of information security process and control improvements Mentoring other members of the Information security team and promote risk management best practices across IT Supporting the development and delivery of compliance training and awareness, fostering a culture of risk awareness and accountability across the organisation Providing advice to stakeholders on IT risk and compliance topics More ❯

improve the well-being of all by taking life science further and combine our attention to detail with the extraordinary, because it all matters. The opportunity Reporting to the Information Security Officer you will contribute to the efficiency, capability and profitability of the business by gathering, analysing and recommending changes to processes/systems within BUs, across multiple … Internal Audit team on the development, implementation and operation of ITGCs Supporting the implementation of ISO27001 controls and perform regular control audits to monitor compliance Developing and managing a security risk framework, aligning with the enterprise risk management approach Coordinating the performance of regular business impact assessments (BIAs) and the recording of results and updates Contributing to the design … and implementation of information security process and control improvements Mentoring other members of the Information security team and promote risk management best practices across IT Supporting the development and delivery of compliance training and awareness, fostering a culture of risk awareness and accountability across the organisation Providing advice to stakeholders on IT risk and compliance topics More ❯

This position is contingent upon funding with an expected start date of December 2025 SECRET Clearance required We are seeking an Information Systems Security Specialist II; this role is focused on conducting Security Technical Implementation Guide (STIG) assessments and performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS). You will manage security authorization … packages and risk assessment documentation in eMASS, while developing and maintaining Plans of Actions and Milestones (POA&M) to remediate security vulnerabilities. As part of your responsibilities, you'll execute Risk Management Framework (RMF) Step 5 authorizations as an Information System Security Engineer (ISSE), providing critical security risk mitigation recommendations and guidance to stakeholders. On-site … only, no telework. Position Responsibilities: Conduct Security Technical Implementation Guide (STIG) assessments, utilizing SCAP benchmarks and Evaluate STIG. Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool. Manage security authorization packages and risk assessment documentation within eMASS. Develop and maintain Plans of Actions and Milestones (POA&M) to remediate security vulnerabilities. Execute Risk Management Framework More ❯

Information Systems Security Specialist vacancy in Berkshire (060DM) Are you a former military professional with a background in information security, risk management, and assurance? Your experience in secure environments, risk analysis, and stakeholder engagement makes you the perfect fit for this Information Systems Security Specialist role. This is an opportunity to continue … making an impact by protecting critical systems and ensuring robust security measures in a complex environment. 12-month contract, with a chance of extension. Key Responsibilities Conduct risk analysis for information systems, providing strategic recommendations to decision-makers. Advise senior leadership and project teams on information security best practices. Develop and implement security architectures to … safeguard critical data and infrastructure. Assess and manage information risks across projects, supply chains, and stakeholders. Stay ahead of evolving security threats, leveraging industry standards and best practices. Oversee vulnerability assessments and ensure security compliance across IT systems. Provide technical risk assessments and contribute to the professional development of information security standards. What We're More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure … the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST … CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation’s information assets and environments. Understanding security gaps and provide evaluation and treatment options, consultation on remediation More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure … the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST … CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation’s information assets and environments. Understanding security gaps and provide evaluation and treatment options, consultation on remediation More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure … the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST … CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation’s information assets and environments. Understanding security gaps and provide evaluation and treatment options, consultation on remediation More ❯

ship's service life. The organization also maintains inactive ships for future disposal, donation, or transfer, to include follow-on technical support to our partner navies. Duties include: The Information System Security Specialist is responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness and familiarity … to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process. The specialist should demonstrate a working knowledge of the Risk Management Framework (RMF) process and/or include prior experience with the … Defense Information Assurance & Certification Accreditation Process (DIACAP). Familiarity with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements. The specialist is expected to evaluate security solutions to ensure they meet security requirements for processing up to classified information More ❯

Information Security/Information Privacy SME (Contract) Location: Central London (Hybrid – 2 days onsite per week) Contract: Inside IR35 or Umbrella Engagement Duration: 6–12 months (with potential extension) Industry: Private Banking/Wealth Management Role Overview: We are seeking a highly experienced Information Security/Information Privacy Subject Matter Expert (SME) to support … a leading private bank in London. This role is focused on providing strategic and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and maintenance of security policies, procedures, and frameworks. Review and strengthen current information security architecture and controls. Conduct risk assessments, gap analyses, and privacy impact assessments (DPIAs). Provide expert input on GDPR, UK Data Protection Act, and other relevant regulations. Partner with internal stakeholders across legal, compliance More ❯

ship's service life. The organization also maintains inactive ships for future disposal, donation, or transfer, to include follow-on technical support to our partner navies. Duties include: The Information System Security Specialist is responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness and familiarity … to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process. The specialist should demonstrate a working knowledge of the Risk Management Framework (RMF) process and/or include prior experience with the … Defense Information Assurance & Certification Accreditation Process (DIACAP). Familiarity with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements. The specialist is expected to evaluate security solutions to ensure they meet security requirements for processing up to classified information More ❯

Type: Full Time Location: Washington, DC Overtime Exempt: No Reports To: ARMADA HQ Security Clearance Required: Active Top Secret CONTINGENT UPON AWARD Duties & Responsibilities: The Security Specialist IV - Information Management shall provide technical database management and administration support to effectively and efficiently manage the security databases. The Security Specialist IV - Information Management … shall d evelop a training plan to teach new and existing staff the day-to-day elements of the security database. The Security Specialist IV - Information Management shall m aintain and update the database by continuous day-to-day update of content and ensuring accurate and adequate security measures are in place to safeguard government … and contractor sensitive and priority data. Prepare and maintain all SOPs and research and prepare policies and procedures for NGA SIS. Analyze and review security files and provide security file maintenance support. Coordinate with database administrators and system engineers to populate the security database for NGA. Maintain and support a comprehensive understanding of the continuity of operations More ❯

INFORMATION SECURITY GRC SPECIALIST Buckinghamshire | Hybrid Working (Flexible Days) Contract: Permanent Salary: Up to £65,000 + BONUS Reports to: GRC Manager Individual Contributor Role – No Direct Reports Are you a security governance expert looking to play a crucial role in an evolving and high-impact environment? We are seeking an Information Security GRC … Specialist to join our InfoSec Governance, Risk and Compliance (GRC) team. In this role, you’ll help protect the confidentiality, integrity, and availability of our information assets by embedding best-in-class governance practices, assessing risk, and ensuring compliance with key industry standards like ISO27001. You'll work across the business as a trusted security advisor, helping … teams understand and manage their risk profile and compliance obligations. What You’ll Bring A strong understanding of the current threat landscape, security risks, and compliance standards. Extensive experience in information security, ideally within a GRC or risk management role. Experience delivering risk assessments and managing compliance against standards like ISO27001. Skilled in writing and implementing security More ❯

Job Title : Information Security Assurance Specialist Contract Type: Permanent, Full Time Salary Range: £33,200-£41,500 depending on experience Location: Eastleigh Information Security Assurance Specialist: At Ageas, we are committed to protecting our customers, employees, and systems through robust information security practices. We are seeking a Information Security Assurance … and Architecture Specialist to join our growing team. This role is critical in ensuring our security architecture aligns with business goals and regulatory requirements, while also providing assurance over the effectiveness of our security controls. Reporting into the Assurance and Architecture Manager, you will be responsible for supporting and operating the day-to-day activities relating to … security, initiatives, controls and governance processes. This role is a combination of internal consultancy, change management and assurance activities to provide confidence to the business that we are meeting our security goals. You will act as the bridge between our technical teams and operational functions and are therefore required to have excellent communication skills, including the ability to More ❯

Information Security Risk & Compliance Specialist About CyberArk : CyberArk (NASDAQ: CYBR ), is the global leader in Identity Security . Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity - human or machine - across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world's leading organizations trust … the Role: We are seeking a highly motivated and detail-oriented GRC Compliance Expert to join our Governance, Risk, and Compliance team. This role is pivotal in supporting customer security assessments during RFx processes, driving compliance initiatives including DORA , NIS2 , and other regulatory frameworks, and assisting with broader GRC activities across the organization. The ideal candidate is a self … located in our office in London. We ask to come to the office twice per week. Support the sales and legal teams during RFx processes by responding to customer security questionnaires, assessments, and due diligence requests. Coordinate and manage responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA More ❯

value everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Create & Maintain an information security management system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application … to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders, published, and communicated. Also, ensure that policies are managed throughout their lifecycle and updated through yearly … or ad-hoc reviews. Produce relevant security standards documentation in consultation with Technical teams. Lead on providing information to Three UK Customers (B2B) regarding Three UK's security practices. Support proactive and effective oversight of technology and security risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Assist in designing, building, and More ❯

POA&M) activities related to ATO. Asset where possible in completing POA&M activities. Requirements Ensure the effective implementation of DOE and NNSA cybersecurity policies and procedures for designated information systems, ensuring alignment with organizational security standards and best practices. Lead the Assessment and Authorization (A&A) activities for designated systems, ensuring compliance with federal regulations and internal … security requirements. Document security measures in security plans and oversee access control provisioning for system users. Establish, maintain, and oversee configuration management of security documentation for assigned systems. Regularly review and update security artifacts to ensure they reflect current security configurations. Identify, assess, and document threats and risks to designated systems. Conduct thorough risk … assessments to understand vulnerabilities and recommend mitigation strategies to ensure system integrity. Lead and conduct cybersecurity tests and assessments, providing actionable results to the Information System Security Manager (ISSM). Address vulnerabilities and provide guidance for remediation. Evaluate the security impact of proposed changes to assigned information systems. Recommend and implement strategies for mitigating risks associated More ❯

Responsibilities Noblis ESI is seeking a highly motivated Information System Security Specialist with a strong focus on JWICS to join our dynamic team in Dayton, Ohio. This critical role offers a unique opportunity to contribute to the security and advancement of information systems and network-delivered solutions. The selected candidate will primarily be responsible for … providing Information System Security Manager (ISSM) support for JWICS, including maintaining system security plans, conducting security assessments, and ensuring compliance with relevant policies and regulations. This role also entails providing comprehensive IT customer support for a 50-person office with 150 systems, including security analysis, troubleshooting complex hardware and software issues, performing machine imaging, managing … user accounts and access controls, and supporting SIPRNet and NIPRNet systems as needed. Responsibilities Include: Primarily responsible for providing Information System Security Manager (ISSM) support for JWICS systems, ensuring compliance with DISA STIGs, NIST Special Publications, and other relevant security regulations. Develop, maintain, and update System Security Plans (SSPs) for JWICS systems, ensuring accuracy and completeness. More ❯

firewall protection; intrusion prevention and detection; log analysis and review; traffic analysis, user account management, and incident reporting for the project IT systems. Candidate shall be certified as an information systems security professional (CISSP) and possess a minimum of three (3) years' experience directly supporting information systems security efforts. General Experience: Activities Associated with Identifying Security Controls that are Provided by the Organization as Common Controls for Organizational Information Systems and Document the Controls into the SSP or equivalent Documents Activities Associated with Tailoring Security Controls as Needed Activities Associated with Developing a Strategy for Monitoring Security Controls Effectiveness and any Proposed or Actual Changes to the Information System Activities Associated … with Implementing Security Controls Activities Associated with Documenting the Implemented Security Controls in the SSP with a Functional Description of the Control Implementation Activities Associated with Developing, Reviewing and Approving a Plan to Assess Security Controls Activities Associated with Assessing Security Controls in Accordance with the Assessment Procedures Defined in the SSP Activities Associated with Preparing More ❯