Security Officer and wider risk team to assess and challenge the effectiveness of current controls, contribute to risk assessments, and support internal audit and governance processes. Responsibilities: Provide second-line assurance and oversight of information security controls Identify and assess gaps in existing controls, offering pragmatic, risk
controls, including encryption and tokenization. • Review network segmentation and ensure least privilege for network access (Zero Trust). • Support testing and validation of internal security controls and assess emerging security technologies. Collaboration • Partner with vendor management to conduct security assessments of vendors, including SaaS, IaaS, MSPs, and payroll … to validate security practices during failover operations. • Participate in application and infrastructure projects to provide security-planning guidance. • Collaborate with the internal audit team to evaluate the design and effectiveness of security-related controls. Role-specific knowledge, skills & experience: Educated to degree level or equivalent Five to
Ashton-Under-Lyne, Greater Manchester, UK Hybrid / WFH Options
Tenth Revolution Group
an experienced Information Security Analyst to play a key role in maintaining and improving the client’s information security framework. You’ll support internal audits, guide compliance efforts, and drive continual improvement across their information security systems. Key Responsibilities Manage and evolve the Information Security Management System (ISMS … a monthly basis. Ensure compliance with key frameworks including ISO 27001:2022, ISO 27701:2019, and SOC 2 across multiple international offices. Lead internal audits and manage responses to external security assessments. Support third-party risk management, including vendor due diligence and client compliance questionnaires. Assist with security … incident management and help improve organisational threat awareness. Champion secure behaviours through awareness training and internal communication. Essential: Hands-on experience with ISO 27001, ISO 27701 and/or SOC 2 standards. Strong grasp of global data protection laws, particularly GDPR and CCPA. Able to work independently and