Information Security certifications such as CISSP, CISM, CISA, or CRISC are highly preferred. Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001 Detailed knowledge of cyber risk management practices from the context of ERM Frameworks and familiarity with GRC applications. Strong analytical and problem … end 2023 we had completed 117 transactions since the 2000. Today, Enstar is the industry's largest standalone run-off consolidator. With around 800 global employees, our network of group companies has a significant physical presence in Bermuda, where our headquarters are located, the United States, the United More ❯
Strong understanding of cybersecurity frameworks for ICS/OT environments Strong understanding of OT network communication protocols and industrial networking topologies. Familiarity with NIST (National Institute of Standards and Technology) SpecialPublication800-61 Revision 2, Computer Security Incident Handling Guide. Familiarity with NIST (National Institute of Standards and Technology) SpecialPublication800-82 Comprehensive knowledge of internet protocols, firewalls, proxies, and intrusion detection/prevention systems. Familiarity/Knowledge of the Perdue Enterprise Reference Architecture (PERA) Certifications for SANS (SysAdmin, Audit, Network and Security) GIAC (Global Information Assurance Certification … NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Plan) frameworks Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53), and Guide to Industrial Control Systems (ICS) Security (NIST SP800-82) A working knowledge More ❯
london, south east england, United Kingdom Hybrid / WFH Options
Vantage Data Centers
Strong understanding of cybersecurity frameworks for ICS/OT environments Strong understanding of OT network communication protocols and industrial networking topologies. Familiarity with NIST (National Institute of Standards and Technology) SpecialPublication800-61 Revision 2, Computer Security Incident Handling Guide. Familiarity with NIST (National Institute of Standards and Technology) SpecialPublication800-82 Comprehensive knowledge of internet protocols, firewalls, proxies, and intrusion detection/prevention systems. Familiarity/Knowledge of the Perdue Enterprise Reference Architecture (PERA) Certifications for SANS (SysAdmin, Audit, Network and Security) GIAC (Global Information Assurance Certification … NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Plan) frameworks Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53), and Guide to Industrial Control Systems (ICS) Security (NIST SP800-82) A working knowledge More ❯
control design adequacy and effectiveness. The role supports RCSA processes and leads evidence-based evaluations. Key Responsibilities: Evaluate and test security controls against NIST800-53 requirements Execute scheduled control testing, document results, and analyse weaknesses Review and capture control evidence for audit and compliance purposes More ❯
control design adequacy and effectiveness. The role supports RCSA processes and leads evidence-based evaluations. Key Responsibilities: Evaluate and test security controls against NIST800-53 requirements Execute scheduled control testing, document results, and analyse weaknesses Review and capture control evidence for audit and compliance purposes More ❯
Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on … and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
BAE Systems (New)
Compliance - Lead accreditation work, interfacing with the IT team, Accreditor, and affected business units. Maintain compliance with frameworks such as Secure by Design, NIST-800-53, STRAP. Security Testing - Scope and oversee penetration testing, vulnerability scanning, and other security validation activities to ensure effectiveness of security controls. Design … CIA triad, risk management, compliance frameworks applicable to classified networks). Expert understanding of UK government and defence Accreditation standards, including Secure by Design, NIST800-53, and ISO27001. Robust knowledge in developing and reporting performance and risk metrics (e.g., KPIs/KRIs). Strong organisational, time management, and diplomacy skills. More ❯
work, with interface into the IT team, Accreditor and affected business units. Maintain accreditation and compliance with frameworks such as Secure by Design, NIST-800-53, STRAP; Security Testing - Scope and oversee penetration testing, vulnerability scanning, and other security validation activities, to ensure effectiveness of security controls; Design … and systems, etc.); Expert understanding and application of both UK government and defence Accreditation standards, including Secure by Design, NSCS/NPSA Risk Management, NIST800-53, and STRAP, DEF STAN 05-138, ISO27001; Robust knowledge and experience in developing and reporting performance and risk metrics (e.g., KPIs/KRIs - Status More ❯
for this vacancy. 5 + years of security/technology audit experience, including development of control test plans/scripts Working knowledge of NIST CSF 2.0 and/or NIST 800.53 rev. 5 Experience in automating control testing processes Experience managing multiple assignments and projects at More ❯
