Carlisle, Cumbria, England, United Kingdom Hybrid / WFH Options
Cumberland Building Society
CISM. Where significant experience can be demonstrated, this will be considered You’ll have in-depth knowledge in information security, having very good experience of compliance such as ISO27001, NIST, PCI DSS, REP018, CBEST & CQUEST requirements, ideally holding the PCI Internal Security Assessor qualification. Skills, abilities and behaviours: Excellent interpersonal, written and verbal communication skills and the ability to work More ❯
Aberdeen, City of Aberdeen, United Kingdom Hybrid / WFH Options
Orion Group
structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge ofNIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯
