2 of 2 Risk Management Jobs in Herefordshire

and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with … procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation point and day-to-day contact for other team members * Stay up to date with changes in legislation and standards relating … stakeholder communication skills, both written and verbal * Ability to build effective working relationships and influence at all levels * Comfortable working independently and proactively across teams Desirable: * Experience in supplier risk management and/or tender processes * ISO 27001 Lead Auditor/Implementer, PCIP, CISM, CompTIA Security+, or CISMP certification What you get in return: * Up to More ❯

are protected, designed and operated. Youll be involved throughout the project lifecycle, from shaping security strategy to designing architectures and overseeing secure development. Expect variety: one week advising on risk management, the next helping to design secure solutions for enterprise-scale ICT, followed by leading on assurance activities or reviewing deliverables that set the standard for security across … while building trusted relationships with clients. What youll be doing Advising projects on information assurance and cyber security best practice Designing and reviewing security architectures for enterprise systems Delivering risk assessments and presenting findings to senior stakeholders Producing and reviewing security assurance documentation aligned to HMG frameworks Supporting secure development and accreditation activities Contributing to the investigation of incidents … and security monitoring approaches What were looking for 3+ years experience in consultancy or complex ICT delivery Knowledge of frameworks such as HMG SPF and ISO27001 Familiarity with identity management, PKI, SIEM, cryptography and firewalls Strong communication skills, able to influence at all levels A STEM degree or relevant security certification (CCP, CISSP, SABSA, TOGAF) desirable Eligibility for UK More ❯