experience may compensate for lack of formal education. Certifications such as CISSP, CISM, expert level Azure, or similar are a plus. Familiarity with security frameworks (ISO 27001, SOC 2, NIST, FedRAMP). Competencies Advanced knowledge of cyber security. Excellent leadership, communication, and cross-functional collaboration and mentoring skills. More ❯
Aberdeen, City of Aberdeen, United Kingdom Hybrid / WFH Options
Orion Group
structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge ofNIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯
Aberdeen, Aberdeenshire, United Kingdom Hybrid / WFH Options
Orion Group
structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge ofNIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯
