3 of 3 Remote Temporary ISO/IEC 27001 Jobs

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

Assurance Team. You’ll assist in the oversight and control of all aspects of the Information Security Management System, ensuring controls and assurance audits are in place to prevent / minimise threats such as security breaches, computer viruses or attacks by cyber criminals as well as carrying out audits in line with the assurance calendar. You’ll build key … relationships with all teams / colleagues across the Society and work closely with 1st line risk colleagues, Payments and Technology. You’ll manage the relationship with Qualified Security Assessors (QSAs); coordinating annual assessment and remediation activities, Regulatory Bodies; providing evidence and reporting for PCI compliance, and Third-Party Service Providers; completing assurance reviews and compliance verifications for suppliers handling … e.g., CISM. Where significant experience can be demonstrated, this will be considered You’ll have in-depth knowledge in information security, having very good experience of compliance such as ISO27001, NIST, PCI DSS, REP018, CBEST & CQUEST requirements, ideally holding the PCI Internal Security Assessor qualification. Skills, abilities and behaviours: Excellent interpersonal, written and verbal communication skills and the ability to More ❯