knowledge transfer and constructive feedback SKILLS AND EXPERIENCE Functional/Technical Competencies Essential: Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DSS Good managerial skills Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst Proven understanding of current More ❯
technology risk frameworks, for instance, ISO 27000, NIST, CIS Critical Security Controls, COBIT, and IIA GTAGs. Working experience with regulatory standards/requirements (US, UK) ie, GDPR, BCBS 239, FFIEC 101, 3402, CHAP. Working experience and/or knowledge of Security domains including Access management, Threat management, Incident response and recovery, Data protection, Vulnerability management, Monitoring and logging, Physical security More ❯
of the team Understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, GDPR, Global data security and privacy acts, FFIEC guidelines, CIS and NIST standards. Windows and Linux Servers administration Strong Documentation skills More details available on successful application. More ❯
Edinburgh, Midlothian, United Kingdom Hybrid / WFH Options
Kosli Enterprise
Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting, solutions architecture, or technical coaching. Interest in technical sales and supporting go-to-market strategies. Excellent written and verbal communication More ❯
de-provisioning. - Develop/configure SailPoint modules (audit, compliance, lifecycle, service account - Design, test, and troubleshoot custom connectors. Build IAM dashboards/reports and support internal/external audits (FFIEC, PCI, SOC, SOX, GDPR, HIPAA - Provide training/guidance on IAM best practices. - Collaborate with cross-functional teams to deliver scalable IAM solutions. More ❯
key contributor in the preparation, review, and analysis of reports compiled for regulatory agencies to include the FR Y-9C, FR Y-9LP, FR Y-11, FR 2314, and FFIEC 009/009a. You will be responsible for preparing highly technical components of the reports and/or schedules and conducting detailed reviews of reports and/or schedules prepared More ❯
key contributor in the preparation, review, and analysis of reports compiled for regulatory agencies to include the FR Y-9C, FR Y-9LP, FR Y-11, FR 2314, and FFIEC 009/009a. You will be responsible for preparing highly technical components of the reports and/or schedules and conducting detailed reviews of reports and/or schedules prepared More ❯
r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery capabilities. • Manage local partners and develop partner sales … engagements. • Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST More ❯
london (city of london), south east england, united kingdom
HCLTech
r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery capabilities. • Manage local partners and develop partner sales … engagements. • Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST More ❯
r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery capabilities. • Manage local partners and develop partner sales … engagements. • Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST More ❯
Head Office. Facilitate the EUC Controls attestation process, including tracking submissions and supporting sample testing of Business Critical EUCs. Contribute to cyber security assurance activities, including assessments related to FFIEC, SWIFT CSP, REP18, CRI Profile, and other regulatory or internal frameworks. Ensure quality and consistency in audit and risk-related deliverables, particularly when preparing responses or data for external stakeholders. … Assist in the execution of the EUC Controls annual attestation and Business Critical EUC sample testing, including evidence collection and stakeholder follow-up. Support regular assessment initiatives related to FFIEC, SWIFT, REP18, CRI Profile, and other cyber security assurance activities, including scheduling, documentation, and stakeholder coordination. Coordinate and support the ISSP Systems Risk Evaluation process, ensuring alignment with MUFG Bank More ❯
PowerShell, Python, SQL, UiPath) to support access attestation, SoD analysis, and exception tracking. Partner with Internal Audit, Compliance, and external regulators to ensure the enterprise meets requirements for SOX, FFIEC, and other control frameworks. Serve as a subject matter expert in access governance, providing oversight on RBAC modeling, policy enforcement, and toxic access combinations. Collaborate with application owners, technology stakeholders … CyberArk and Centrify. Familiarity with data visualization tools such as Power BI, Tableau, or Splunk. Experience working in a regulated financial services environment, with a strong understanding of SOX, FFIEC, and other access-related compliance requirements is a big plus Bachelor's degree in Information Security, Computer Science, or related field or similar professional experience. Please email your resume or More ❯
